Skip to main content

AI security & governance

How Smoov uses large language models, what data leaves your account, and how automated decisions can be contested.

AI stack

  • Gemini flash-lite for Category A extraction tasks (classification, field extraction, deterministic transforms).
  • Gemini flash and a higher-capability Gemini reasoning model for Category B multi-axis judgment tasks (recovery scoring, IP risk, deal risk).
  • Inference runs against Google Cloud Vertex AI managed endpoints with zero-retention semantics on prompt / response data.

Data handling at inference time

  • No PII is included in prompt construction. Customer identifiers are mapped to opaque IDs before any prompt is built.
  • Inference inputs and outputs are not used to train or fine-tune third-party models. The zero-retention agreement covers this contractually.
  • Every AI-generated numeric estimate is surfaced with a confidence band so callers can reason about uncertainty.

Agent-runtime safety

  • Fail-safe routing: when an upstream model is unavailable, the caller receives a typed support-handoff envelope. Never a fabricated response.
  • Calls returning UNCERTAIN confidence are routed to the human review queue. There is no auto-approve and no auto-reject above the WARNING tier.
  • Every paid inference call is metered and rate-limited per account to prevent runaway behavior.

Your right to human review of automated decisions

Any automated decision that affects your account, including account suspensions, listing rejections, and capability denials, can be contested. You have the right to a founder-level human review of the decision and a written explanation of the outcome.

To exercise this right, see /privacy/rights or file an appeal directly at /compliance/appeal. The methodology behind each automated decision tier is documented at /transparency/trust-and-safety.