AI Policy | Konstantly

Konstantly is committed to providing customers with innovative and efficient services. As part of our service offerings, we may use Artificial Intelligence ("AI") technologies, including those provided by third parties, to enhance the efficiency, accuracy, and overall performance of the services we deliver. This includes the use of generative AI technology, which typically relies on machine learning, deep learning, or neural networks to generate new content.

In this Policy we:

set out how Konstantly uses AI, including models from third-party providers
give customers clarity on how AI may be used when we provide our services
describe how we use AI to improve our services and meet our goals
explain how the Model Context Protocol (MCP) integration works when you connect your Konstantly workspace to a third-party AI agent of your choice (such as Claude Desktop, Cursor, or ChatGPT)

If you have questions about how we use AI to process your data (including personal data), please email us at support [at] konstantly [dot] com. This Policy is not intended to be contractual. Please refer to our Terms and Conditions and the Data Processing Agreement (referenced in our Data Security policy) for relevant contractual terms regarding our services, including AI.

1. AI Features in Konstantly

Konstantly currently offers the following AI-powered features. Each is documented on our website and in our knowledge base.

Ask Konstantly — an in-platform AI assistant that helps you create content, answer questions about features, and navigate the platform
AI course generation — generate course structures, slides, questions, and surveys from prompts or uploaded source materials
Source material processing — extract and chunk text from PDFs, documents, and images you upload as course-creation context
MCP Server — an optional integration that allows external AI agents (such as Claude Desktop, Cursor, or any other Model Context Protocol- compatible agent) to read and act on your Konstantly workspace data through API keys you control

AI features are optional. You may use Konstantly without using any AI features. Workspace administrators can disable specific AI features through Settings.

2. Ethical Guidelines

We're committed to using AI responsibly. That means following ethical guidelines built around fairness, accountability, transparency, human oversight, inclusion, and non-discrimination. We regularly review and improve how we use AI to make sure it meets best practices and industry standards.

We're open with customers about how and when we use AI. That's why we publish this Policy on our website and list AI providers that process personal data in our DPA.

Konstantly's AI features are not intended to be used for AI-driven automated decision-making with legal or similarly significant effects for individuals, or for any purpose that would be considered "high risk" under the EU's AI Act. Specifically, Konstantly is a learning-management system; our AI features assist with content creation, knowledge queries, and training-data analysis. We expect our customers not to use Konstantly to make hiring, firing, promotion, compensation, or similar high-stakes employment decisions based solely on AI output.

3. Privacy and Security

We put appropriate safeguards in place to protect customer data from unauthorized access or disclosure when using AI.

Where customer data includes personal data, we process it in line with our Data Processing Agreement (DPA), which is signed when you start using Konstantly. We use physical and electronic safeguards to prevent personal data from being accidentally lost, misused, accessed without authorization, altered, or disclosed. We also have procedures in place to promptly notify customers in writing if we become aware of a personal data breach.

Before allowing any supplier, including third-party AI providers, to access customer data, we carry out appropriate due diligence and will update our sub-processor list in line with our DPA.

4. Employee Training

We ensure that all employees and contractors receive training on AI use and this Policy at least once a year. We keep records to show that training has been completed.

5. Use of Third-Party AI Models

We only build and use AI systems that are robust, secure, and safe. To deliver our services, we may use third-party AI models. These models help us support and improve the functionality of our services. We may switch AI models or engage new third-party providers at any time, in line with our DPA.

When we use third-party AI models, those providers may process customer data, including metadata.

The following providers are currently used as part of Konstantly's own AI features (Ask Konstantly, AI course generation, source material processing):

Google (Gemini) — generative AI model used for course generation, content suggestions, and the Ask Konstantly assistant. See Google's Generative AI Prohibited Use Policy.

When using AI features within our services, please ensure you review and comply with the relevant third-party documentation and terms linked above.

6. Model Context Protocol (MCP) Integration

Konstantly offers an optional integration called the MCP Server (technical name: @konstantly/mcp-server) that enables you to connect your Konstantly workspace to a third-party AI agent of your choice, such as Claude Desktop, Claude Code, or Cursor, via the open Model Context Protocol.

When you install and use the MCP integration with a third-party AI agent, the workspace data you query is sent to that AI agent provider as part of normal operation. The agent then uses Konstantly tools to read or modify your workspace data based on your prompts. Konstantly facilitates this connection by providing the MCP server and managing authentication, but we are not the controller of how the third-party AI provider processes the data once it leaves our service.

Before installing the MCP integration with a specific AI agent, please review that provider's privacy, usage, and data-handling policies. AI agents commonly integrated via MCP include:

Anthropic (Claude Desktop, Claude Code) — Usage Policy, Supported Regions
OpenAI (ChatGPT, when MCP support is generally available) — Usage Policies, Supported Countries
Other MCP-compatible agents (Cursor, internal company agents, custom integrations) — refer to each provider's own policies

If you do not wish for your workspace data to be processed by third-party AI providers, do not install or use the MCP integration. Workspace administrators can:

Revoke MCP API keys at any time from Settings → MCP Keys
Decline to enable the MCP integration on your workspace's license at all (contact your account manager)

Every action taken by an external AI agent through the MCP integration is recorded in your workspace's Action Log (audit trail), tagged so you can distinguish agent-driven actions from actions taken by human administrators through the browser UI.

7. Training Models

We don't train our own AI models on customer data. We don't allow third-party AI providers we engage on our behalf (such as Google Gemini for Ask Konstantly and AI course generation) to train their models on customer data either; we use enterprise-tier API access where this is contractually prohibited.

For the MCP integration: third-party AI agents that you choose to install (such as Claude Desktop, Cursor, ChatGPT) operate under their own terms with you directly. Whether those providers train their models on data passing through their services is governed by your agreement with them, not by Konstantly. We recommend you review their data-handling and training-opt-out policies before connecting them to a Konstantly workspace containing sensitive data.

8. Location of AI Models

If we use a third-party AI model as a sub-processor, our DPA outlines where they are based and what transfer mechanism we rely on when transferring personal data to that sub-processor (for example, Standard Contractual Clauses).

Please note that we use global endpoints for the AI providers we currently use, and therefore processing may occur outside of the location of the AI provider itself. Our agreements with them require any such transfers to be in accordance with a valid transfer mechanism.

9. Recording and Tracking Usage of AI

We maintain appropriate records of our use of AI tools, including how they are used within our services. Specifically:

Per-customer AI usage telemetry — every AI generation request (Ask Konstantly, AI course generation, source material processing, MCP tool invocation) is logged with the requesting user, intent type, duration, and success status. Workspace owners can view their tenant's AI usage in Settings.
Audit log for actions — when AI or an AI agent performs an action that changes workspace data (assigning a course, editing a user, revoking a key), an audit log entry is created with the actor, timestamp, and source (UI vs MCP agent).

We aim to be transparent about these practices and can provide further information on request.

10. Customer Responsibilities

When using AI features in Konstantly, you are responsible for:

Ensuring you have authority to upload any source materials (PDFs, documents, images) into Konstantly for AI processing, including respecting copyright, confidentiality, and consent obligations
Reviewing AI-generated content (course structures, questions, summaries) for accuracy, appropriateness, and compliance with your organization's standards before publishing or assigning
Configuring access controls (roles, permissions, license restrictions) so that AI features are available only to the users for whom they're appropriate
For the MCP integration: choosing which third-party AI agents to connect, and reviewing their data-handling policies before granting them access via an MCP API key
Treating MCP API keys as confidential credentials — see our MCP setup guide for key management best practices

11. Changes to this Policy

Our services are always evolving, including the AI models and technologies we use. We may update this Policy to reflect changes in how we use AI, the third-party services we rely on, or our operational practices. We encourage you to check this Policy regularly for updates. We may not always notify you directly of changes; material changes affecting how we process personal data will be communicated in accordance with our DPA.

Contact Information

If you have any questions about how we use AI, or want to know more about our data handling practices, you can reach us at: support [at] konstantly [dot] com