Scompler AI Security Controls
Scompler AI is built on the same security foundations as the rest of the Scompler platform, with additional controls specific to how we operate AI features. AI processing runs entirely within the European Union on AWS Bedrock, customer data is never used to train models, and all outputs remain under human editorial control.
- Architecture and data residency
- Sub-processors
- Data sent to AI processing
- Web search providers
- Model training and tenant isolation
- Retention of prompts, outputs and logs
- Audit logs for AI usage
- Data handling at contract end
- Protection against prompt injection and adversarial attacks
- Safeguards against toxic or inappropriate output
- EU AI Act Article 50(2)
- Alignment with responsible AI practices
- Service level and resiliency
- Incident management
Architecture and data residency
Scompler AI runs on AWS using Amazon Bedrock with EU-only Inference Profiles. Requests are routed only within the European Union, and customer content is processed in the AWS Region used for inference. No data leaves the EU during AI processing.
Scompler uses standard foundation models provided by AWS Bedrock (Amazon Nova and Anthropic Claude). We do not train or fine-tune our own models. Data is encrypted in transit via TLS 1.3 and at rest with AES-256.
The statements above describe Scompler AI's core inference, which runs entirely within the EU on AWS Bedrock. One optional feature, Web Search, sends a search query to an external search provider so that the assistant can retrieve current information from the public internet. Web Search is disabled by default and is activated for each project by an administrator. The default provider is Linkup, which processes queries within the EU. An administrator may instead select Brave Search, which processes queries in the United States. See the Web Search providers section below.
Sub-processors
Core AI inference. AWS is the only sub-processor involved in handling AI requests. AWS Bedrock does not store, log, or share customer inputs or outputs, and no third-party model providers receive or process this data.
Optional Web Search. If a project administrator enables the optional Web Search feature, one additional search provider acts as a sub-processor for that project, and only for the search queries sent to it. Web Search is disabled by default and is enabled for each project. The available providers, their locations, and their data-handling terms are listed under the Web Search providers section below.
Data sent to AI processing
Depending on the active feature, the following content can be passed to AWS Bedrock for AI inference: topics, stories and articles and their properties; content strategy, personas and content models; object attachments and uploaded documents; and free-text input entered by users in the AI assistant.
The system does not restrict what a user enters into the AI assistant. Personal data can technically be included in prompts if users enter it manually. We recommend avoiding personal data in AI prompts. The customer remains responsible for the lawfulness of all data entered into the AI.
When the optional Web Search feature is active, a search query derived from the user's request is additionally sent to the selected external search provider (see the Web Search providers section). The full prompt, project content, and conversation history are not sent to the search provider.
Web search providers
Web Search is an optional feature that lets Scompler AI look up current information on the public internet. It is disabled by default and must be activated for each project by an administrator, who accepts additional terms before the feature becomes available. When Web Search runs, Scompler sends a search query, derived from the user's request, to the selected provider and receives public search results in return. Only the query is transmitted. Project content, strategy data, conversation history, and uploaded documents are not sent. As with any AI input, we recommend avoiding personal data in search queries, because a query may be forwarded to the provider.
Administrators select one provider per project. The default is Linkup (EU). The difference between the providers is where queries are processed.
Linkup (default, EU)
- Data residency: search queries are processed within the European Union.
- Role: data processor under the GDPR, under an Article 28 data processing agreement.
- Default retention: search queries and results are subject to Linkup's standard data retention, which is up to 3 years after the last interaction.
Brave Search (US)
- Data residency: search queries are processed in the United States. Because this is a transfer outside the EU, it takes place under the EU Standard Contractual Clauses incorporated in Brave's data processing addendum. The EU-only data residency described elsewhere does not apply to queries sent to Brave Search.
- Role: Brave's DPA covers account and operational data. Brave takes the position that API search query data is not personal data and excludes it from the scope of the DPA. The customer remains responsible for the lawfulness of the queries sent.
- Default retention: search query logs are retained for up to 90 days for billing and troubleshooting.
Choosing a provider
Customers who require processing within the EU only should keep the default, Linkup. Brave Search is offered as a US-based alternative for customers whose data-protection policies permit transfers to the United States under Standard Contractual Clauses. Enabling either provider adds it as a sub-processor for that project. If Web Search is not enabled, Scompler AI operates as before, with AWS as the only sub-processor.
Each provider documents its own security controls, certifications, data processing agreement, Standard Contractual Clauses (where applicable), and sub-processor list in its trust center. Further information can be found in the following provider resources: Linkup, at https://trust.linkup.so/; and Brave Search, at https://trust.brave.app/.
Model training and tenant isolation
AWS Bedrock does not store or log prompts and completions, does not use them to train any models, and does not share them with third parties. AWS documents this commitment in the Bedrock data protection guide.
Within the Scompler platform, the row-level security approach used across the product also applies to AI features. Each user can only access the data rows they are authorized to view or interact with, and AI requests are scoped to those same permissions. Cross-customer data access is architecturally prevented.
Retention of prompts, outputs and logs
AI prompts and outputs sent to AWS Bedrock are not stored or logged by AWS. Retention at the model provider level is effectively zero days.
Within the Scompler platform, AI conversation history is stored to support product functionality such as continuing an existing conversation. This data is stored in the EU (Frankfurt, Germany) and remains available until the associated entity (e.g., topic, story, article) is deleted. Once that entity is removed, the related AI conversation data is also deleted.
Where the optional Web Search feature is enabled, the selected search provider retains data under its own policy. By default, Linkup applies its standard data retention of up to 3 years after the last interaction, and Brave Search retains search query logs for up to 90 days for billing and troubleshooting. These logs are held by the provider, not by Scompler.
Audit logs for AI usage
AWS Bedrock does not store or log prompts or outputs, so no model-level audit logs are generated at the AWS layer.
Within the Scompler platform, AI usage is recorded as part of the standard product audit trail. These events capture who performed an action, when it occurred, and what type of AI function was used. Prompts and outputs are not included in audit logs; conversational content remains within the relevant conversation and follows its retention rules.
Data handling at contract end
All customer data stored in the Scompler platform is deleted within 30 days after the contract end date, or after an agreed data export handover, whichever comes first. Customers can export their data at any time before termination, and we recommend doing so before the contract ends.
At the AWS Bedrock layer, no additional deletion step is required, as prompts and outputs are not stored at any point.
Protection against prompt injection and adversarial attacks
Protection is implemented at multiple layers.
At the model level, Amazon Nova and Anthropic Claude include built-in alignment and safety mechanisms designed to resist adversarial inputs and instruction-override attempts. These protections are always active.
At the infrastructure level, all model access is API-only via AWS Bedrock. There is no direct model access or exposure of model files, which significantly limits the attack surface.
At the application level, Scompler AI can only access data within the requesting user's existing permissions. All outputs are presented as drafts subject to human review, and no autonomous actions are executed.
Model and data poisoning are not applicable, as Scompler does not train or fine-tune custom models.
Safeguards against toxic or inappropriate output
Amazon Nova and Anthropic Claude include built-in content safety systems covering categories such as hate speech, sexual content, violence and self-harm. These are always active. Scompler is also evaluating additional configurable safeguards as part of its ongoing security management process.
EU AI Act Article 50(2)
Article 50(2) of the EU AI Act requires that outputs of generative AI systems be marked in a machine-readable format and detectable as artificially generated.
Scompler uses foundation models provided by AWS and Anthropic via AWS Bedrock and does not develop or fine-tune its own AI models. We therefore rely on these providers to implement the technical mechanisms required by Article 50(2), such as metadata-based tags, invisible watermarking, and C2PA specifications for visual media. For text generation, which is the current focus of Scompler AI, both AWS and Anthropic prioritise transparency through their AI service cards and voluntary safety commitments.
Article 50(2) also includes an exemption for AI systems that perform an assistive function for standard editing or do not substantially alter the input data. Scompler AI operates strictly as an assistive tool, with all outputs subject to human review and editorial control, so its use falls within the scope of this exemption.
Alignment with responsible AI practices
Scompler is not formally certified against a specific AI standard. We align our development and deployment practices with widely accepted responsible-AI principles and the current state of the art:
- Human in the loop by design: Scompler AI is strictly assistive, users initiate actions and retain full control.
- Permission-bounded operation: Scompler AI can only access or create data within the requesting user's existing permissions.
- Transparency: we communicate how Scompler AI works and aim for predictable, explainable interactions.
- Use of reputable foundational model providers (AWS and Anthropic) who themselves align with major frameworks.
- Continuous evaluation: we monitor system behaviour and update our practices as technology and standards evolve.
Service level and resiliency
Scompler AI is covered by the same SLA as the main Scompler platform: 99.5% availability per calendar month, multi-AZ AWS deployment for redundancy, encrypted backups, and planned maintenance windows announced at least 48 hours in advance. Full SLA documents are available in German and English at https://scompler.com/en/terms-and-conditions/.
Incident management
Security incidents affecting AI features follow the same structured incident management process used across the Scompler platform, governed by our ISO 27001-certified ISMS. Incidents can be reported through the support chat or via support@scompler.com, and data breaches are handled in line with GDPR notification obligations.