Ethics & Responsible Use

We build observability tooling that prioritizes transparency, user privacy, and responsible use.

Our Ethical Commitment

Demeterics is committed to building AI observability infrastructure that prioritizes transparency, user privacy, and responsible use. We believe that observability tools should empower teams to build better AI systems, not enable surveillance or misuse.

1. Privacy-First Design

We believe that LLM interaction data belongs to you, not us.

Customer Data Ownership: You retain full ownership and control over your interaction data.
No Training on Customer Data: We will never use your LLM interactions to train models or build data products without explicit consent.
Encryption by Default: All data is encrypted at rest and in transit using industry-standard protocols (AES-256, TLS 1.3).
Right to Deletion: GDPR-compliant deletion API allows you to delete your data at any time.
Audit-Ready Transparency: Complete data lineage with SHA-256 hashes for cryptographic verification.

2. No Surveillance Use Cases

Demeterics is designed for operational monitoring, not employee surveillance.

Aggregate Analytics Only: Dashboard metrics are aggregated; we do not support individual employee monitoring dashboards.
No Sentiment Analysis on Users: We do not provide features for sentiment analysis of internal users or employees.
Quality Monitoring, Not Policing: Evaluation frameworks are designed to improve LLM output quality, not to surveil or score human workers.

3. Responsible Use

Demeterics promotes responsible use of AI systems with clear governance and transparency.

Human Oversight: For critical workflows, ensure a human reviews important outputs and decisions.
Bias Awareness: Validate model behavior against your own standards and regulatory requirements.
Policy Compliance: Follow each provider’s acceptable use policies and applicable laws.

4. Data Minimization

We collect only the data necessary to provide the Service.

Interaction Data Only: We capture question/answer pairs, metadata, and performance metrics. We do not capture PII unless explicitly included by you.
No Tracking Pixels: Our web UI does not use third-party analytics or tracking scripts.
Configurable Retention: Set your own data retention policies (7 days to 365 days); default is 365 days.

5. Security & Compliance

We take security seriously and follow industry best practices.

SOC 2 Path: Architecture designed for SOC 2 Type II certification (in progress).
GDPR Compliance: Data export, deletion, and portability built-in.
HIPAA BAA Available: Business Associate Agreement available for healthcare customers.
Audit Logging: All API key operations are logged for security and compliance audits.

6. Transparency & Open Source

We believe in transparency about how our platform works.

Documented Architecture: We publish high-level diagrams detailing data flow and access controls.
Integration Examples: We publish documentation and examples to make integration straightforward.
Customer Visibility: Instrumentation and log collection can be inspected at any time.

7. Anti-Discrimination

Demeterics may not be used to discriminate against individuals or protected classes.

No Adverse Profiling: You may not use Demeterics data to build systems that score or restrict people based on protected characteristics.
Equal Access: We reserve the right to suspend accounts that weaponize evaluation tooling for discriminatory outcomes.

8. Prohibited Use Cases

We do not allow Demeterics to be used for:

Mass surveillance or employee productivity scoring.
Weapon development or autonomous lethal decision making.
Any application that violates local, national, or international law.

9. Reporting Violations

If you suspect misuse of the platform, email support@demeterics.com with details. We respond within two business days.

10. Continuous Improvement

We review this policy quarterly and incorporate feedback from customers, regulators, and the research community to ensure responsible adoption of LLMs.