FrontierzDocs

Privacy & data

Frontierz isolates company data by organisation. Users, AI Fellows, Learning Paths, conversations, analytics, uploaded knowledge, and configurations are all scoped to your company account.

This page is the plain-language version of how that works in practice.

Uploaded knowledge

Knowledge Base files (PDFs, Word, PowerPoint, TXT, Markdown, audio, video) are stored, processed, and used as reference material for the AI Fellow you uploaded them to.

  • Only admins with access to that Fellow can add, remove, or reprocess the files.
  • The Fellow uses the processed knowledge during conversations to ground its answers.
  • You can delete a knowledge file at any time. The Fellow re-indexes when you save the change.

Conversations and transcripts

Live sessions are transcribed and summarised automatically.

  • Admins can review conversation history according to their role and the resources they have access to.
  • Conversations on a Public AI Fellow are anonymous. The transcripts are visible to admins, but they are not attributed to a specific person.
  • Conversations on a Private AI Fellow require login, so transcripts are attributed to the user who held them.
  • Conversations inside a Learning Path are tied to the enrolled user for progress purposes; admins see who completed which session and when.

Camera sharing

Off by default. The user has to explicitly turn on the camera, and they can turn it off at any moment. When enabled, the AI Fellow receives camera snapshots at moments that matter to the conversation, not a continuous video stream. Nothing is stored beyond the active session.

See Voice & live sessions for the details.

Screen sharing

Off by default. The user picks the screen, window, or tab to share through the browser's native dialog, and stops sharing whenever they want. The Fellow only sees what was explicitly shared. Screens are not recorded or stored beyond the session. Only the most recent frames stay in working memory while the conversation is live.

Connector data

When a Connector fires, the data the Fellow gathered from the user is sent to the system the Connector points to (your CRM, LMS, HR system, or whatever your IT team configured). Frontierz logs the request and the response on its side for audit purposes. What the receiving system does with the data depends on that system's own retention and processing rules.

Tenant isolation

Each Frontierz customer operates inside its own logical tenant. Data from your company is not visible to other customers, and the access controls (role-based, scoped per resource) are enforced server-side, not just hidden in the UI.

Specifics worth asking us about

The questions below depend on your contract, your region, and the specific configuration we've agreed on. The honest answer is: ask us before you commit, so we can give you the version that applies to your account.

  • Data residency options (where data physically lives).
  • Encryption details (algorithms, key management).
  • Retention policies (how long transcripts and analytics are kept).
  • Deletion policies (what happens when you delete data, and how long it takes to fully purge).
  • Subprocessor list (third parties that touch your data).
  • Audit log access and retention.
  • SSO and identity provider support.

On this page

Uploaded knowledgeConversations and transcriptsCamera sharingScreen sharingConnector dataTenant isolationSpecifics worth asking us about