Responsible AI Policy
SusTern AI-Commerce™ — provided by SusTern™ Inc.
Last updated: February 21, 2026
At SusTern™, our primary goal is to build AI-powered solutions that help businesses overcome data overload and process inefficiencies. We are committed to responsible AI development, addressing ethical and practical challenges alongside our ambition to improve supply chain management for small and medium-sized businesses (SMBs).
Table of Contents
- Human Oversight and Accountability
- Cybersecurity
- Data Privacy and Governance
- Fairness and Equity
- Safety
- Compliance with Legislation and Regulatory Requirements
Our Commitments
The following measures outline how we strive to manifest our commitment to Responsible AI:
| Area | Commitment |
|---|---|
| 🧑💼 Human Oversight | Feedback mechanisms and transparent decision-making |
| 🔒 Cybersecurity | Secure cloud infrastructure and ongoing security practices |
| 🛡️ Data Privacy | Comprehensive data use policies and compliance |
| ⚖️ Fairness & Equity | Proactive bias mitigation and equitable access |
| 🦺 Safety | Harm prevention and rigorous testing |
| 📋 Compliance | Adherence to applicable laws and regulatory requirements |
1. Human Oversight and Accountability
🔄 Feedback Mechanisms
We are designing our AI solutions to include robust feedback mechanisms, allowing customers to provide input directly. A dedicated review board will analyze this feedback to ensure appropriate action and iterative improvement of our AI systems.
This contributes to accountability and ensures our solutions meet user needs and expectations while adhering to responsible AI principles.
🔍 Transparency and Explainability
We will strive for transparency in how our AI models reach conclusions, working towards Explainable AI (XAI) methodologies wherever feasible. This allows for better understanding of decision-making processes and increases accountability.
2. Cybersecurity
☁️ Secure Cloud Infrastructure
Our product is developed and hosted on Google Cloud Platform (GCP), leveraging its robust security features:
- Google Vertex AI for large language models (LLMs)
- Gemini for embedding generation
- Google Cloud Storage for secure customer data storage
Our centralized GCP approach facilitates consistent application of data and security policies, minimizing cybersecurity risks.
🔐 Ongoing Security Practices
We are committed to implementing and continuously improving strong safety and security practices, including:
- ✅ Regular security audits
- ✅ Vulnerability assessments
- ✅ Penetration testing of our systems
- ✅ Post-deployment monitoring to detect and address emerging security threats
3. Data Privacy and Governance
📄 Data Use Policies & Compliance
We are actively developing comprehensive data use policies and terms of service, guided by ElevateIP and IP-Ontario, and in alignment with:
- Applicable legislation and regulatory requirements
- Platform-specific requirements (including GCP)
These policies will ensure transparency and user control over data usage.
⚖️ Compliance with Legal and Social Norms
Our development adheres to the social and legal norms of the countries where we operate, including:
- Strict enforcement of data boundaries
- Testing in constrained environments before broader deployment
See our Privacy Policy and Terms of Service for more details.
4. Fairness and Equity
🎯 Bias Mitigation
We acknowledge the potential for bias in AI systems and commit to proactive mitigation strategies:
| Strategy | Description |
|---|---|
| Data Auditing | Reviewing training data for potential bias |
| Model Evaluation | Assessing models for fairness across demographics |
| Ongoing Monitoring | Continuous checks for discriminatory outcomes |
| Best Practices | Adopting industry standards for equitable AI |
Our goal is to ensure fairness and equitable access to our solutions for all users, regardless of background or demographics.
5. Safety
🚫 Harm Prevention
We explicitly prohibit the development of solutions that:
- Cause or are likely to cause harm
- Violate generally accepted norms
- Conflict with international law or human rights
Rigorous testing and monitoring are integral to preventing such outcomes. We maintain a zero-tolerance policy for AI use cases that could endanger individuals or communities.
6. Compliance with Legislation and Regulatory Requirements
SusTern™ is committed to complying with all applicable data privacy regulations and other relevant legislation in the jurisdictions where we operate, including:
- 🇨🇦 PIPEDA — Personal Information Protection and Electronic Documents Act (Canada)
- 🇺🇸 CCPA — California Consumer Privacy Act
- 🌍 GDPR — General Data Protection Regulation (where applicable)
Our collaboration with legal and IP services ensures our practices remain current and compliant with evolving legal landscapes. The use of established platforms like GCP contributes to this compliance.
Contact Us
If you have questions or concerns about our Responsible AI practices, please contact us:
SusTern™ Inc. 📧 support@sustern.ca 🌐 https://www.sustern.ca
We welcome feedback and are committed to continuously improving our responsible AI practices.