Skip to main content
Seal integrates AI capabilities to enhance productivity while maintaining strict data protection. Your data is never used to train AI models, and all AI-generated content belongs to you.
No data is sent to any AI model until you actively use an AI feature. AI can be disabled entirely at the organisation level.

At a glance

  • No model training — your data is never used to train or improve AI models
  • Human review — all AI-proposed changes go through changesets, reviewed and approved by a human
  • Your permissions — the agent inherits the exact same access as the user interacting with it
  • Per-user isolation — conversations are private to each user and not shared
  • Configurable residency — you choose the region where AI processing occurs
  • Bring your own provider — choose your preferred model vendor, or provide your own API keys for end-to-end control
  • Encrypted — AES-256 at rest, TLS 1.2+ in transit
  • Auditable — complete audit trails for all AI interactions

Frequently asked questions

When you interact with the AI agent, Seal sends only the context relevant to your query: your organisation’s documentation (internal and external) and the entity data that relates to what you’re working on. The agent cannot access data outside the scope of your current context.
No. Your data is never used to train or improve AI models. Seal only partners with model providers that contractually guarantee this — your data is processed solely to generate responses, never retained for model improvement.
Seal offers configurable data residency — your organisation selects the region where your data is hosted and where AI processing occurs.You can also choose your preferred model provider. If you want end-to-end control, you can provide your own API keys so that all AI requests go directly through your organisation’s account.Message history (your prompts and the model’s responses) is retained by the model provider for a maximum of 30 days for safety and abuse monitoring, after which it is permanently deleted. Beyond this transient retention window, your data is not stored outside your cloud tenant.
The AI agent inherits the exact same permissions as the user interacting with it. If you have read-only access to an entity or workspace, the agent has read-only access. If you cannot see a workspace, neither can the agent.The agent can read data and suggest content, but all changes it proposes are submitted through changesets — the same review workflow as any other edit in Seal. A human must review and approve every change before it takes effect. The agent cannot escalate privileges or access data outside the user’s scope.
No. Each AI conversation is isolated to the individual user who initiated it. Conversations are not visible to other users, and each session operates strictly within that user’s permission boundaries.
Yes. You can control AI access at multiple levels:
  • Individual users can choose not to use AI features
  • Specific workspaces can be configured as AI-free zones for sensitive data
  • You can enable only Automations Copilot while disabling data processing
  • You can disable AI entirely across your organisation

Audit and compliance

Complete audit trails log all AI interactions. Seal’s AI implementation supports GDPR compliance through Google Cloud’s Data Processing Addendum. Google Cloud maintains ISO 27001 certification, and Seal maintains SOC 2 Type II certification — viewable at our Security Portal.

Further reading

Seal’s recommended AI provider is Google Cloud. Similar data protection agreements are in place with all supported providers. For questions about AI governance or additional security controls, contact support@seal.run.