Responsible AI and Data Governance Statement

1. Purpose

This Replenit Responsible AI and Data Governance Statement describes the principles that govern how Replenit uses artificial intelligence, machine learning, analytics, and related computational methods in connection with its products and services.

Replenit provides decisioning, prediction, and workflow intelligence for enterprise commerce and customer lifecycle use cases. Because these services may involve AI-enabled outputs, Replenit is committed to using such technologies in a controlled, secure, and business-appropriate manner.

This statement is intended to provide customers, prospects, and partners with a clear overview of Replenit’s governance approach. It is a public summary and does not replace any applicable agreement, data processing terms, or security documentation.

2. Scope

This statement applies to AI-related capabilities used by Replenit in the delivery, support, evaluation, and improvement of its services.

At the present time, Replenit primarily uses AI as part of its service delivery and product capabilities. Replenit does not currently position itself as a developer of standalone general-purpose AI systems. Over time, Replenit may develop proprietary AI components, models, decisioning methods, and related governance controls as its products evolve. This statement is intended to apply to both Replenit’s current use of AI and any future AI capabilities developed by Replenit.

3. Core Principles

3.1 Business Purpose and Contractual Scope

Replenit uses AI only in support of legitimate business purposes connected to its products and services. AI is used to support customer-authorized outcomes such as prediction, estimation, prioritization, workflow support, recommendation, signal interpretation, and related decisioning use cases within enterprise environments.

Replenit does not use AI in a manner that is inconsistent with the agreed service scope, customer instructions, or applicable contractual restrictions.

3.2 Human Accountability

Replenit believes that AI should operate within clear human, contractual, and operational boundaries. Responsibility for product design, system configuration, customer deployment, monitoring, and governance remains with authorized personnel.

AI-assisted outputs are intended to support business operations and decision processes. They are not intended to eliminate appropriate business judgment, legal review, compliance review, or customer oversight where such oversight is necessary.

3.3 Data Governance and Purpose Limitation

Replenit is committed to handling customer data in a manner consistent with purpose limitation, confidentiality, and contractual restrictions.

Where AI is used in connection with customer data, such use must remain within the scope of the relevant engagement, documented service purpose, and applicable legal and contractual framework. Replenit does not use customer data for unrelated purposes simply because AI systems make such use technically possible.

3.4 Privacy and Sensitive Data Awareness

Replenit recognizes that AI-enabled services may involve data protection, confidentiality, and privacy considerations. Replenit expects the use of AI within its services to be aligned with applicable privacy obligations, customer requirements, and internal governance controls.

Where personal data is involved, Replenit’s handling of that data is governed by applicable contractual and privacy arrangements, including any relevant data processing documentation.

3.5 Security and Access Control

Replenit applies technical, organizational, and administrative safeguards intended to protect systems, customer data, and AI-enabled service workflows from unauthorized access, misuse, alteration, or disclosure.

Access to AI-enabled systems, data inputs, outputs, configurations, and supporting environments should be restricted to authorized personnel and approved service providers with a legitimate business need and appropriate confidentiality and security obligations.

3.6 Vendor and Third-Party AI Governance

Replenit may use third-party technologies, infrastructure, models, and service providers as part of its AI-enabled services. Where third-party AI or model providers are used, Replenit seeks to evaluate them through appropriate legal, security, privacy, and operational review processes proportionate to the nature of the service.

Replenit expects third-party providers supporting its services to operate under appropriate contractual and security controls. Replenit’s use of third-party AI services does not reduce Replenit’s responsibility to govern how such services are applied within its own product and customer environments.

3.7 Quality, Testing, and Validation

Replenit believes that AI-enabled outputs should be subject to appropriate testing, review, and monitoring before and after deployment, taking into account the intended business use case and the nature of the output.

Replenit aims to evaluate AI-supported capabilities for performance, consistency, operational fit, and alignment with the intended customer workflow. As Replenit’s products evolve, this may include expanded internal validation, evaluation, monitoring, and model governance processes.

3.8 Transparency and Explainability

Replenit aims to provide customers with a commercially meaningful understanding of how AI-enabled capabilities are used within the services, including the business purpose of the output and the role it plays within the relevant workflow.

Replenit does not treat “AI” as a substitute for governance. Where appropriate, Replenit seeks to structure AI-supported services so that outputs can be understood, reviewed, and placed in the context of broader business logic and customer objectives.

3.9 Fairness and Appropriate Use

Replenit expects AI-enabled capabilities to be used in ways that are relevant, proportionate, and appropriate to the commercial use case for which they are deployed.

Replenit does not intend to deploy AI in a manner that is intentionally deceptive, unlawfully discriminatory, or inconsistent with applicable law, customer restrictions, or accepted enterprise governance standards. Replenit also expects customers to use the services in a lawful and appropriate manner consistent with their own obligations.

3.10 Continuous Review

AI technologies, regulatory expectations, and customer requirements continue to evolve. Replenit expects its governance approach to evolve accordingly.

As Replenit’s AI use matures, including any future development of proprietary AI capabilities, Replenit may adopt additional internal standards, procedures, review controls, and lifecycle governance requirements relating to design, testing, deployment, monitoring, and retirement of AI-enabled systems.

4. Current and Future AI Position

Today, Replenit primarily uses AI within the context of its products and services rather than as a standalone AI model developer.

This means Replenit’s present governance focus is centered on responsible use, controlled deployment, secure data handling, customer-aligned application, and oversight of third-party technologies used as part of service delivery.

As Replenit develops its product and technical capabilities, it may also build proprietary AI components, decisioning logic, internal models, model governance processes, and related evaluation frameworks. Where that occurs, Replenit intends to extend this governance approach to cover not only AI use, but also AI design, development, validation, deployment, and lifecycle management.

5. Customer and Partner Expectations

Replenit serves enterprise customers and expects AI-enabled services to be evaluated within that context. This includes appropriate attention to contractual scope, data handling, business accountability, security, operational reliability, and regulatory considerations.

Replenit encourages customers and partners to assess AI-enabled capabilities based not only on technical performance, but also on the surrounding governance model, controls, and business suitability for the intended use case.

6. Governance Ownership

Responsibility for implementation and oversight of this statement sits with Replenit’s leadership, together with relevant legal, security, product, and operational stakeholders, as applicable to the service and stage of product maturity.

This statement may be supported over time by more detailed internal standards, review procedures, and control frameworks.

7. Changes to This Statement

Replenit may update this Responsible AI and Data Governance Statement from time to time to reflect changes in its services, governance practices, technical architecture, legal obligations, or product strategy.

The most current version will be made available on Replenit’s website.