AI Transparency
Last updated: 09.07.2026
This statement explains how AutoPhish uses artificial intelligence (AI) within the platform. It supplements our Service Privacy Policy, Terms of Service, and Data Processing Agreement.
1. What We Use AI For
AutoPhish primarily uses AI to create and improve campaign and training content. This includes in particular:
- Drafts for simulated phishing emails and smishing messages
- Wording, scenarios, and learning prompts for security awareness training
- Explanations of typical warning signs in simulated messages
- Limited editorial support for AutoPhish-owned content, such as blog SEO title suggestions
AI supports content creation. The platform remains a tool for training, simulation, and reporting on behalf of the customer.
2. Safeguards Before AI Use
When AutoPhish prepares company and target-list context for AI-generated campaign content, it applies technical filters designed to keep known personal data out of LLM prompts.
Known personal names from structured company and target data, as well as detected email addresses, phone numbers, and IPv4 addresses in the filtered context, are replaced with technical placeholders. Placeholder restoration happens locally within the AutoPhish platform.
Operational data such as user agents, clicks, opens, login interactions, training status, and individual behavioral data is not included in these content-generation prompts.
3. No AI Assessment of Individuals
AutoPhish does not use AI to assess, classify, profile, rank, or make automated decisions about individuals.
Reports, risk values, and security scores are based on platform events and rules, for example whether a simulated message was opened, a link was clicked, a report was submitted, or training was completed. These evaluations are not AI-based.
4. No Customer-Data Model Training by AutoPhish
AutoPhish does not train AI models with customer data or submit customer data for that purpose.
Personal data is not submitted to AI systems for marketing or profiling.
AutoPhish uses personal data only for the purposes described in the Service Privacy Policy and the Data Processing Agreement.
5. Training and Responsible Use
All AutoPhish employees are trained in the responsible, secure, and privacy-compliant use of AI.
We review AI features before use for purpose limitation, data minimization, security, and privacy. Changes to AI-supported functionality are designed to preserve and improve these filtering controls.
6. Questions
For any questions about AI use in AutoPhish, please contact:
QADS e.U.
Email: support@autophish.io