Navless AI Policy

Effective Date: January 5, 2026

Last Updated: January 5, 2026

This AI Governance & Use Policy (“Policy”) describes how Navless, Inc. (“Navless”) designs, deploys, operates, and governs artificial intelligence–enabled features within the Navless platform (the “AI Features”).

This Policy is intended to promote responsible, secure, and transparent use of AI while enabling Navless to deliver intelligent content discovery, recommendations, and automation for customers.

1. Scope and Applicability

This Policy applies to:

  • All AI-enabled functionality within the Navless platform
  • All Navless personnel involved in the design, development, deployment, operation, or oversight of AI Features
  • All customers and authorized users of AI Features, subject to the applicable Master Services Agreement (“MSA”) and Data Processing Addendum (“DPA”)

This Policy supplements, and does not replace, contractual obligations set forth in the MSA, DPA, Privacy Policy, or Order Forms.

2. AI Features Covered by This Policy

Navless AI Features may include, but are not limited to:

  • Content recommendation and ranking (e.g., selecting and ordering content based on context, signals, or engagement)
  • Automated tagging and classification of content
  • Content summarization and transformation (e.g., excerpts, previews, metadata generation)
  • Agent-assisted workflows that help customers identify content gaps, optimize content, or surface relevant material
  • Analytics and insights derived from aggregated engagement signals

Navless AI Features are designed to augment human decision-making, not to replace it.

3. Guiding Principles

Navless governs AI Features according to the following principles:

3.1 Human Oversight

AI Features are designed with human-in-the-loop or human-on-the-loop oversight, allowing customers and Navless personnel to review, configure, and control outputs.

3.2 Risk-Based Design

AI Features are evaluated using a risk-based approach, considering potential impacts on users, customers, and data subjects.

3.3 Transparency of Use

Navless seeks to provide clear information about how AI Features function, their intended use, and their limitations.

3.4 Data Stewardship

AI Features are designed to respect customer data ownership, privacy, and security obligations.

4. Standards Alignment

Navless maintains an AI governance program designed to align with recognized industry standards and best practices, including the principles of ISO/IEC 42001 (Artificial Intelligence Management Systems). Navless does not claim certification under ISO/IEC 42001 unless expressly stated. Alignment reflects Navless’s intent to apply comparable governance, risk management, and lifecycle controls appropriate to its size, products, and risk profile.

Navless maintains internal AI risk management and operational controls consistent with recognized governance frameworks and industry best practices.

5. AI Risk Management

Navless evaluates AI Features across their lifecycle, including:

  • Design and development
  • Testing and validation
  • Deployment and configuration
  • Monitoring and improvement

Risk considerations may include, where relevant:

  • Misuse or unintended use
  • Inaccurate or misleading outputs
  • Bias introduced through data or configuration
  • Automation errors or over-reliance

Mitigation measures may include configuration controls, monitoring, documentation, and human review mechanisms.

6. Data Use and Training

6.1 Customer Data

Customer Data is processed in accordance with the MSA, DPA, and Privacy Policy.

Navless does not use Customer Personal Data to train general-purpose AI models unless expressly agreed in writing.

6.2 Aggregated and Anonymized Data

Navless may use aggregated and anonymized data derived from platform usage to:

  • Improve platform functionality
  • Enhance AI Features
  • Conduct internal research and development

Such data is not used to identify individual customers or end users.

7. Transparency and Limitations

AI Features may produce probabilistic or non-deterministic outputs. Navless does not guarantee that AI outputs are error-free, unbiased, complete, or suitable for any specific purpose.

Customers are responsible for:

  • Reviewing AI outputs before relying on them
  • Determining appropriate use cases
  • Ensuring compliance with applicable laws and internal policies

8. Acceptable Use of AI Features

Customers and users must not:

  • Use AI Features for unlawful, deceptive, or harmful purposes
  • Attempt to reverse engineer AI models or underlying systems
  • Use AI Features to generate content that violates applicable law or third-party rights

Navless may suspend or restrict access to AI Features for misuse or violation of applicable agreements.

9. Monitoring and Continuous Improvement

Navless monitors AI Features to:

  • Identify performance issues
  • Detect anomalous behavior
  • Improve quality and reliability over time

Navless may update or modify AI Features, including underlying models or logic, as part of ongoing improvement.

10. Incident Management

AI-related incidents involving security, privacy, or significant system malfunction are handled in accordance with Navless’s incident response processes and applicable contractual obligations.

11. Policy Updates

Navless may update this Policy from time to time to reflect:

  • Changes in technology
  • Regulatory developments
  • Evolving best practices

Material changes that significantly reduce commitments related to security, privacy, or governance will be communicated in accordance with applicable agreements.

12. Relationship to Other Documents

This Policy should be read together with:

  • Navless Master Services Agreement
  • Data Processing Addendum
  • Privacy Policy

In the event of a conflict, the applicable agreement controls.