§ Legal · responsible AI

Responsible AI & AI Disclosure

Effective 2026-07-09 · Last updated 2026-07-09

Responsible AI at DSE

Data Science & Engineering Experts, Inc. ("DSE," "we," "us," or "our") advises organizations on how to adopt artificial intelligence ("AI") responsibly, and we hold our own use of AI to the same standard we help our clients set. This statement explains how we use AI internally and in client engagements, the governance methodology we apply, and the commitments we make about the data entrusted to us.

This statement is a description of our current practices. It is not a contract, does not create warranties, and does not modify the terms of any agreement between you and DSE. Where this statement and a signed agreement (including a Data Processing Addendum or "DPA") address the same subject, the signed agreement controls.

Scope of this statement

This statement applies to DSE's use of AI in the delivery of its professional services, including AI-governance advisory, data and analytics engagements, and internal business operations. It covers AI systems we operate, AI features embedded in the software tools we use, and third-party AI model and inference providers we rely on to support our work.

Our SaaS product, PrivateStack, publishes its own Responsible AI statement covering how that platform processes tenant prompts and outputs. Where a client engagement is governed by a separate agreement, that agreement's data-handling terms take precedence over this statement.

How DSE uses AI

DSE uses AI in two contexts:

We do not use AI to make final, consequential decisions about individuals on a client's behalf without a human in a position to review and override the outcome. Where an engagement involves AI that could affect individuals' rights, opportunities, or access to services, we treat that as a higher-risk context and apply the additional review described below.

Our AI governance methodology

DSE's internal governance practice is aligned with the U.S. National Institute of Standards and Technology AI Risk Management Framework (NIST AI 100-1, the "AI RMF") and its four core functions:

For engagements where AI may materially affect individuals, our methodology includes an impact-assessment practice: we document the intended use and affected populations, consider foreseeable harms and bias, identify applicable legal and regulatory obligations, and recommend mitigations and human-oversight controls. This practice is a professional methodology, not a guarantee of any particular outcome, and its application is scoped to each engagement.

Our core AI commitments

The commitments in this section are shared, without modification, across DSE's Responsible AI statement and the PrivateStack Responsible AI statement. In this section, "you" and "your" refer to our customers and clients, and "content" means the prompts, inputs, files, and outputs that you provide to, or generate through, our AI systems and services.

Processing of your content

We process your content solely to provide, operate, secure, and support our AI systems and services. We do not use your content for advertising, and we do not sell your content.

No training on your content

We do not use your content to train, fine-tune, or otherwise develop AI models — neither our own models nor those of any third-party provider. We engage AI model and inference providers under commercial (API) terms that do not permit those providers to train their models on your content.

Opt-in service-improvement analytics

We use aggregated, de-identified usage analytics to improve and operate our services only with your opt-in. These analytics are aggregated and de-identified so that they do not identify you or any individual, and they are used to improve our services — not to train AI models. Where you have not opted in, we do not use your content for service-improvement analytics.

AI model and inference providers

We rely on third-party AI model and inference providers to deliver certain features. We disclose the categories of providers we engage — including cloud infrastructure and hosting providers, identity and authentication providers, AI model and inference providers, and analytics providers. A current list of the specific providers we engage is available to customers under our Data Processing Addendum on written request. We engage all such providers under terms consistent with the commitments in this statement.

Human oversight

A qualified person remains accountable for AI-assisted work. We design our AI uses so that a human can review, correct, or override AI outputs, and we do not rely on AI to make final consequential decisions about individuals without a person in a position to review the outcome.

Data retention and deletion

We honor verified deletion requests as required by applicable law and our agreements. Following termination of an account or conclusion of an engagement, we purge the associated content within 30 days, except that residual copies contained in encrypted backups age out on our standard backup-rotation schedule. We retain records for longer only where required by law, such as for tax, legal-hold, or other legal-retention obligations.

Security safeguards

We protect content processed by our AI systems using safeguards including encryption in transit (TLS 1.2 or higher) and at rest (AES-256), least-privilege access controls, multi-factor authentication for administrative access, storage of credentials in managed secret storage rather than in source code, and audit logging. In the event of a security incident affecting your content, we will notify affected parties without undue delay and as required by applicable law.

Framework alignment

Our AI governance is designed to align with the NIST AI Risk Management Framework (AI RMF). Alignment describes the framework we apply to our own practices; it is not a certification, accreditation, or attestation by any third party, and no such alignment guarantees any particular result.

Limitations and no warranty

AI systems can produce outputs that are inaccurate, incomplete, or unsuitable for a given purpose. You are responsible for reviewing AI-assisted outputs before relying on them. This statement describes our practices and does not create any warranty or contractual commitment; any warranties, disclaimers, and limitations of liability are governed exclusively by the agreement between you and Data Science & Engineering Experts, Inc.

Changes to this statement

We may update this statement from time to time. When we do, we will revise the effective date above and post the updated statement. Material changes take effect upon posting unless a later date is stated.

Our commitments to client data

In a consulting engagement, the client remains responsible for its own data and, where applicable, is the controller or business with respect to that data; DSE acts as a service provider or processor and handles client data in accordance with the engagement agreement and the core AI commitments above. We support our financial-institution and other regulated clients in meeting their own compliance obligations, and we handle client data on a need-to-know, least-privilege basis for the purpose of delivering the engaged services.

Questions and contact

For questions about this statement or DSE's use of AI, or to make a privacy-related request, contact us at legal@thedataexperts.us, or use the privacy request form available on this Site. Requests may include access, correction, deletion, or opt-out request types where applicable law provides those rights.

Data Science & Engineering Experts, Inc.
8735 Dunwoody Place #5714, Atlanta, GA 30350
This statement is governed by the laws of the State of Georgia, without regard to its conflict-of-laws principles.