BirdEye, Inc. Generative AI Policy and Legal Terms
Last Updated: September 1, 2023
At BirdEye, Inc. (“Birdeye”), we recognize the value in leveraging the use of generative artificial intelligence (“Generative AI”) in our Services (as “Services” are defined in our Terms and Conditions); however, we also believe that Generative AI is a feature of our Services and not a replacement for them. We have therefore created this Generative AI Policy (“Generative AI Policy”) so that our employees, contractors, Clients and Partners understand the importance of the risks inherent in using Generative AI while at the same time mitigating legal concerns, addressing ethics issues, and establishing decision making processes around the use of Generative AI in the workplace and within the Services. This policy applies to all data that is not on Birdeye’s Virtual Private Cloud (hosted by AWS) which is segmented by user and Client or Partner.
This Generative AI Policy provides guidance and rules for the responsible use of Generative AI by our employees, contractors, Clients and Partners, so that everyone with access to the Services can continue to access and use Generative AI for the good of the online reputation management industry, without harming individuals, businesses, society or breaking any laws.
Birdeye acknowledges that the use of Generative AI within the Services and in the workplace raises several legal concerns. To ensure compliance with local, state, and federal laws, our Services (and the personnel involved in the rendering of such Services, if any) will adhere to the following:
- Data privacy: Ensure that Birdeye Generative AI tools or features comply with data protection laws, and that any personal or sensitive data is handled with the appropriate care.
- Fair employment practices: Birdeye will not use Generative AI to discriminate against any individual based on their protected characteristics, such as race, gender, age, or disability.
- Intellectual property: Birdeye ensures that our Generative AI tools or features do not infringe on the intellectual property rights of others.
- Liability: Birdeye will, to the maximum extent required by law or contract, take reasonable responsibility for any harm caused by the legitimate use of our Generative AI tools or features, and we will maintain insurance coverage to protect against potential legal claims.
Birdeye recognizes the ethical implications of using Generative AI in the workplace. To ensure that we use Generative AI for the benefit of our employees, contractors, Clients and Partners, as well as society as a while, Birdeye will adhere to the following principles:
- Transparency: Birdeye’s Generative AI tools and features and use of Generative AI will be transparent, and we will inform our employees, contractors, Clients and Partners about how we use AI and how we use Generative AI and the data we use to power the Generative AI models.
- Fairness: We will ensure that our Generative AI tools and features are fair and unbiased, and we will regularly evaluate and audit such tools and features to identify and address any biases.
- Human oversight: We will ensure that our employees have the ability to override any decisions made by our Generative AI tools and features and that human oversight is always present in the decision-making process, when applicable.
- Privacy: We will respect the privacy of our employees, contractors, Clients and Partners and ensure that any data collected is used only for legitimate purposes and in compliance with any legal confidentiality obligations.
Privacy, and the protection of confidential information, is of utmost importance to Birdeye in the use of Generative AI tools and features in its Services. “Confidential Information” includes:Birdeye Confidential Information
Birdeye confidential data refers to sensitive information that is considered proprietary, secret, or highly valuable to Birdeye. It typically includes any data or knowledge that, if disclosed or accessed by unauthorized individuals, could potentially harm the company's competitive advantage, reputation, financial stability, or legal standing. Business confidential data can take various forms, such as:
- Trade Secrets: Proprietary formulas, manufacturing processes, algorithms, recipes, or other intellectual property that provide a competitive edge.
- Financial Information: Non-public financial statements, revenue figures, profit margins, pricing strategies, budgets, or investment plans.
- Customer Data: Personal identifiable information (PII) of customers, including names, addresses, contact details, purchase histories, preferences, or transaction records.
- Research and Development (R&D) Data: Unpublished research findings, experimental data, prototypes, product designs, technical specifications, or future product plans.
- Marketing Strategies: Market research data, target audience insights, advertising campaigns, branding strategies, or upcoming product launches.
- Non-Disclosure Agreements (NDAs): Contracts or agreements between parties that outline the confidential information shared and the restrictions on its use and disclosure.
- Internal Operations Information: Employee records, salary details, HR policies, strategic plans, organizational structures, or operational procedures.
- Partnership and Supplier Information: Contractual agreements, pricing agreements, supplier lists, or negotiations with business partners.
Birdeye protects confidential data through security measures, such as restricted access controls, encryption, non-disclosure agreements, employee training, and regular audits, to mitigate the risk of unauthorized access or disclosure that could harm the company's interests.Client or Partner Confidential Information
Client or Partner Confidential Information (“Customer Confidential Information”) refers to sensitive information related to Clients, Partners or Partner’s end users that Birdeye collects, stores, or processes as part of its Services (“Client”, “Partner” or “Partner End User” may collectively be referred to as a “customer” in this section for ease of reference). This data is considered private and confidential, and its protection is essential to maintain customer trust and comply with privacy regulations. Customer Confidential Information includes:
- Personal Identifiable Information (PII): This includes a customer's name, address, phone number, email address, social security number, date of birth, or any other information that can be used to identify an individual.
- Financial Information: Credit card numbers, bank account details, payment history, or any other financial data associated with a customer.
- Purchase History: Information about products or services purchased, transaction dates, order details, invoices, or receipts.
- Communication Records: Records of customer interactions, such as call recordings, chat logs, or email correspondence.
- Preferences and Behavioral Data: Information on customer preferences, interests, buying patterns, website browsing history, or demographic data.
- Health or Medical Data: In certain industries like healthcare, customer confidential data may include medical records, treatment information, or health-related details.
- Social Media Data: Information collected from customers' social media accounts, such as profiles, posts, or engagement data.
- Surveys and Feedback: Responses provided by customers in surveys, feedback forms, or customer satisfaction ratings.
Birdeye will handle customer confidential data with utmost care and ensure compliance with applicable data protection regulations, such as the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). This involves implementing secure data storage, encryption, access controls, regular data audits, and obtaining proper consent for data collection and usage. Protecting customer confidential data helps maintain privacy, prevent data breaches, and safeguard customers from potential identity theft or fraud.
Birdeye will never use the data obtained from its Clients, Partners or their end users to train any AI models and will ensure that any third party provider of AI technology and Services (ie, Google, Microsoft, etc.) also does not allow such data to be used to train AI models.AI decision-making principles:
Birdeye is committed to making decisions about the use of Generative AI that are responsible, ethical, and aligned with our values. To guide our decision-making process, we will adhere to the following principles:
- Human-centered: We will prioritize the needs and well-being of our employees and customers over the potential benefits of using Generative AI.
- Social responsibility: We will consider the impact of our Generative AI tools and features on society as a whole, and we will ensure that our tools do not harm individuals or communities.
- Continuous improvement: We will continually evaluate and improve our Generative AI tools and features to ensure that they align with our values and meet the needs of our employees and customers.
- Transparency: We will be transparent about our decision-making process and communicate openly with our employees and customers about how and why we use Generative AI.
At Birdeye, we recognize the potential benefits and pitfalls of using Generative AI as a feature to our business and the Services offered to our customers. And, we know that these new technologies, like Generative AI, should not be treated as a replacement for employees doing their own work.
Additionally, we also acknowledge the legal concerns and ethics issues surrounding the use of Generative AI in the workplace and commit to continuously monitoring the evolving legal landscape of Generative AI and its oversight.
By adhering to our policy and decision-making principles, we can use AI in a responsible and ethical manner that aligns with our values and benefits our employees, customers, and society.