Activation of AI features in SoftExpert Suite is optional and controlled and occurs through the acquisition of SoftExpert Copilot credits. To do that, perform the following steps:

1. Access the Configuration > Configuration > Manage account (CM053) menu.
2. Select Add-ons > Copilot credits and click on Purchase.
3. Define the desired Number of credits and click on Purchase.
4. Read the Terms of use and click on Confirm purchase.
5. In moments, the credits will be available for use.

Simply purchasing credits does not automatically unlock the use of AI for users. After acquisition, the environment administrator must explicitly define which user groups will have access permission, to ensure full control over usage.

Access to AI resources is restricted and controlled by permissions.

Management is performed through access groups, in the Configuration > Access group (CM011) menu.

Only users belonging to groups with the Other permissions > AI features permission enabled will have access to AI resources.

Yes. SoftExpert Suite provides complete auditing and traceability mechanisms for the use of AI functionalities.

Through the Configuration > View > Integration history (COP020) menu, it is possible to audit:

• All executions performed with AI.
• Date and time of executions.
• Responsible user.
• Request status.
• Technical integration information.

These records allow full traceability and meet the requirements for auditing, governance, regulatory compliance, and internal investigations.

Yes. Deactivation can be performed in two ways:

1. Access groups: uncheck the Other permissions > AI features permission in the Configuration > Access group (CM011) menu.
2. Specific feature: through the Integration center (COP010), remove the API configuration for the desired feature.

No. The default AI models used by SoftExpert Copilot are pre-trained and operate exclusively for inference, and do not perform any form of continuous learning, fine-tuning, or adaptation based on customer data.

No customer data, including prompts or generated responses, is used for training, re-training, or improving AI models.

This policy is valid for SoftExpert, AWS, and the default model provider (Anthropic).

SoftExpert Copilot operates within the AWS infrastructure used by SoftExpert Suite.

AI requests are securely routed to managed AWS services (Amazon Bedrock) and always remain within the AWS environment, in the same configured region, without transferring data to external environments, on-premises environments, or environments outside the AWS ecosystem.

Processing occurs as follows:

1. The user sends a request (prompt) from SoftExpert Suite.
2. The request is processed temporarily and securely.
3. The AI ​​model generates the answer.
4. The response is returned to the user.

During this process:

• Data is not stored for training purposes.
• Data is not reused.
• Data is not shared with third parties.

All processing takes place in a certified, auditable environment, aligned with international information security, privacy, and AI governance standards.

Yes. SoftExpert Suite adopts a complete isolation model per tenant.

Each customer (tenant) has an exclusive database, storage, and access credentials, ensuring complete isolation of information and preventing any access or sharing between customers.

No. SoftExpert Copilot does not perform internet browsing, searches on public websites, or integrations with external third-party APIs. The only external communications permitted are technical and controlled calls to the Amazon Bedrock service, for the sole purpose of inferring AI models.

Only data strictly necessary for inference, such as:

• Prompt content.
• Minimum technical context for processing.

Data travels encrypted in transit (TLS) and is not stored, reused, or shared after processing.

Yes. SoftExpert and Amazon Web Services (AWS) have recognized international certifications, which attest to maturity in information security, data privacy, and AI governance.

The main certifications are:

• SoftExpert: ISO 27001:2022.
• AWS: ISO 27001, ISO 27701, and ISO/IEC 42001.

These certifications reinforce the commitment to good practices, risk management, regulatory compliance, and responsible use of Artificial Intelligence.