Introduction
Bureau Works is committed to delivering secure, predictable, and responsible AI augmentation for translation and localization workflows. Our AI strategy prioritizes data sovereignty, compliance, and transparency. This policy outlines how Bureau Works develops, deploys, and governs its AI features, as well as how we treat customer data in connection with AI interactions.
1. AI Development Principles
Stateless by Design
Bureau Works integrates only stateless AI models. Each request is processed independently, with no memory of past interactions. This prevents data retention, leakage, or contamination risks.
Retrieval-Augmented Generation (RAG)
We use a proprietary RAG framework to optimize prompts and deliver context-sensitive translations. This approach enables precise, predictable outputs without retraining base models.
Deterministic and Reproducible Outputs
Identical inputs always yield identical outputs, reducing drift, bias, and unpredictability.
Customer-Controlled Augmentation
Customers’ AI augmentations can be pointed to their own instances of LLMs to align with internal compliance requirements, industry regulations, and data residency standards.
Vendor Neutrality
Bureau Works supports multiple AI model providers (e.g., Microsoft Azure, Cohere, Ollama) and avoids lock-in, allowing customers to select the provider that best meets their governance needs.
2. Data Collection and Usage
Customer Data Sovereignty
All customer data resides exclusively within the subscriber’s Bureau Works account. Bureau Works never uses customer content or metadata to train external AI models.
Anonymized Metadata
We may collect anonymized, aggregated metadata (e.g., project volumes, average task completion time) strictly for platform performance optimization.
Data Residency and Ownership
Subscribers retain full ownership of their data. Bureau Works guarantees that customer data is not shared with third parties for model training or external analysis.
3. Privacy and Security
Encryption
All data is encrypted in transit using TLS and at rest using AES-256 encryption. Keys are stored securely in AWS Key Management Service (KMS).
SOC 2 Type II Certification
Bureau Works undergoes annual third-party audits to validate the effectiveness of our data protection and operational controls.
Access Control
Customer data access is governed by role-based access control (RBAC), multi-factor authentication, and a strict least-privilege model. All access is logged and auditable.
Data Portability and Deletion
Customers can export all of their data at any time and request permanent deletion, in compliance with GDPR, HIPAA, and other data protection regulations.
4. Responsible AI Governance
Retention Policy
Temporary data generated during AI interactions is deleted within 30 days unless a subscriber configures otherwise.
Model Compliance
Integrated AI models must comply with Bureau Works’ model security protocols, including stateless configuration, encryption, and deletion guarantees.
Bias and Fairness
Context-sensitive AI reduces bias and improves accuracy by combining translation memories, glossaries, and customer-specific terminology in real time.
Auditability
Every AI interaction can be traced and reviewed for compliance and quality assurance.
5. Commitment to Customers
Bureau Works balances innovation with rigorous compliance. Our AI strategy ensures that:
Customers have exclusive control and ownership over their data.
AI features remain transparent, stateless, and compliant with global data protection laws.
Subscribers can integrate their own AI instances to meet specific regulatory or operational requirements.
Our technology evolves responsibly, with ongoing audits and governance updates.
Contact
For more information about Bureau Works’ AI policy or to request compliance documentation, contact: [email protected]