Responsible AI Statement
Cyber Horizon Intelligence Ltd
Last Updated: 11 July 2026
AI is built into Cyber Horizon Intelligence to help security and compliance teams work faster. Because we sell to that audience, we hold ourselves to the same standard we help our customers meet. This statement explains how we use AI, what we do with your data, and the limits of what AI-generated output should be relied on for.
1. Where We Use AI
AI assists across several features, including the Horizon AI Copilot, questionnaire answer drafting, threat enrichment and attribution, risk and vendor analysis, and the generation of summaries, drafts, and recommendations. In each case, AI produces suggestions and drafts — it does not take actions or make decisions on your behalf.
2. Human Oversight
AI-generated output is designed to assist, not replace, professional and human judgement. You remain responsible for reviewing and verifying output before relying on or acting on it. We do not use AI to carry out automated decision-making or profiling that produces legal or similarly significant effects on individuals (see our Privacy Policy).
3. Your Data and Model Training
- We do not use your content to train foundation models, and we do not sell your data.
- When a feature calls an AI model, the relevant prompt is processed to generate a response for you and is not used by us to train models.
- Our AI sub-processor processes prompts under contractual terms that do not permit using your data to train its foundation models.
- Customer data remains logically isolated per organisation and is not exposed to other customers through AI features.
4. AI Sub-processor
We use Anthropic as our AI sub-processor for assistant, analysis, and report features. Transfers are covered by our Data Processing Agreement, including Standard Contractual Clauses and the UK Addendum where applicable. Our current sub-processors are listed on our Sub-processors page.
5. Accuracy and Limitations
AI-generated output may be incomplete or inaccurate. It is provided to assist your work and does not constitute legal, regulatory, or professional advice. Do not treat AI output as a guarantee of compliance, certification, or security. Always review and verify before relying on it, particularly for regulated or high-impact decisions.
6. Security and Confidentiality
AI features operate under the same security controls as the rest of the platform, including encryption in transit and at rest, role-based access control, and tenant isolation. See our Information Security Policy.
7. Governance
We monitor developments in AI regulation, including the EU AI Act and emerging AI management standards such as ISO/IEC 42001, and adjust our practices as they mature. Where we introduce materially new AI capabilities, we assess their data-handling and risk implications first, and we will update this statement as our use of AI evolves.
Contact
Questions about our use of AI: privacy@cyberhorizon.co