Legal

AI Governance Practices

Last updated: 15 July 2026

Overview

Ragtime is committed to the responsible, transparent, and secure development of the artificial intelligence technologies that power its Services (the "AI Services"). This document outlines Ragtime's approach to AI governance and compliance. We align our practices with recognised international standards — including the EU AI Act and the GDPR — so that our AI Services are trustworthy, compliant, and suitable for the needs of our customers and society at large.

These policies and practices may evolve as our Services and the wider industry change, so please check back regularly for updates. Capitalised terms used but not defined here have the meaning set out in our Terms of Service.

Guiding principles

Responsible innovation

Ragtime is guided by a framework of responsible AI innovation, adhering to principles of transparency, consent, and real-time safety throughout our AI supply chain. We require clear disclosure of the AI nature of an assistant in interactions with the AI Services, whether for public-facing deployments or customer-specific implementations. Our platform is paired with a trust and safety layer designed to help prevent harmful interactions and encourage responsible use in real time, operationalised through content moderation tooling and an acceptable-use standard.

Rights of customers

Ragtime respects the rights of the organisations that use its Services by communicating transparently and empowering them with choice. Our Services and related practices incorporate measures designed to respect customers' intellectual property rights, protect their data, and maintain confidentiality. Customers are not responsible for Ragtime's separate research and development decisions.

Rights of individuals

Ragtime is committed to upholding the rights of individuals and protecting the public from harmful content and misuse of AI. Our acceptable-use standards prohibit using the Services for activities that infringe individual rights, such as creating defamatory, inflammatory, abusive, or discriminatory content. We enforce these restrictions to help ensure the AI Services are used responsibly — safeguarding privacy, promoting freedom of expression within ethical bounds, and preventing discrimination.

Key areas of impact

Accountability & roles under regulation

Ragtime and its customers share responsibility for preventing abuse and mitigating harm. Our roles shift with the stage of the AI supply chain and the applicable legal framework. When developing and pre-training our AI Services, Ragtime acts as the "controller" under the GDPR and as a "provider" under the EU AI Act. Once customers deploy the Services, they become the "deployer" under the EU AI Act and the controller under privacy law (as they determine the purposes and means of processing), while Ragtime acts as the "processor". When used as intended and in line with our acceptable-use standards, our AI Services are not designed to constitute High-Risk AI Systems under the EU AI Act.

Customer choice

The Services are intended for businesses of all sizes, across diverse industries and geographies. As a provider and processor, Ragtime offers features and controls to help customers meet their compliance obligations; however, it is ultimately the customer's responsibility to deploy and use the Services in accordance with the laws that apply to them. For more information about available controls — including interaction management, integration options, and permission settings — please contact support@ragtime-ai.com.

Internal governance & policies

Our internal governance is designed to ensure that roles and responsibilities are defined and enforced across the development and monitoring of our AI Services:

  • AI Governance — reviews AI-related decisions, particularly those with ethical implications, to ensure they align with our responsible-AI standards.
  • Security & Compliance — maintains a formal information security program with clearly defined roles, responsibilities, and accountability.
  • Engineering & Research — designs and develops the AI Services following secure-development-lifecycle processes to meet technical, ethical, and legal requirements.
  • Trust & Safety — provides real-time monitoring and enforcement of safety protocols for AI interactions.

Transparency by design

Transparency is fundamental to how we build and operate the Services. In our governing agreements we provide customers with information about our data-processing practices, safety measures, and responsible-AI considerations, so they can make informed decisions about deployment.

Training data & provenance

Ragtime develops its AI Services using carefully curated data and robust safeguards designed to encourage responsible behaviour. We do not use customer content — including inputs or outputs — to pre-train our models. Any processing of customer content that requires or results in fine-tuning is subject to the written instruction of the customer, in accordance with their governing agreement. We maintain documented processes for tracking the origin and history of training data, though the specifics of those datasets are proprietary and confidential.

Security & privacy

Ragtime applies data-protection and privacy measures designed to ensure our AI Services are developed in a privacy-centric and compliant manner. We adhere to the principles of data minimisation, encryption, and secure storage. Security by design and by default is integral to our development process, including secure coding, regular testing, and continuous vulnerability assessment. Further detail is set out in our Data Processing Addendum and Privacy Policy.

Safety & health

We design our AI Services with safety as a primary concern, implementing real-time safeguards to help prevent harm, including active content moderation, interaction monitoring, and rapid-response protocols. We regularly test the robustness of these safeguards.

Fairness & accessibility

Our AI Services are designed and operated to help ensure equitable outcomes for users. We implement bias-mitigation strategies at multiple stages of the AI lifecycle, from data selection to real-time monitoring, and conduct regular assessments to identify and correct emerging biases. We are committed to making the Services accessible regardless of ability, including support for assistive technologies and continuous improvement based on user feedback.

Ongoing improvement & audits

Ragtime is committed to the continuous monitoring and improvement of its AI Services. We regularly review performance, incorporate feedback, and adapt to new developments in AI technology and regulation, supported by an audit process designed to monitor compliance with the principles set out in this document.

Contact

For questions about our AI governance practices, contact us at legal@ragtime-ai.com.

Let's talk

Request a demo

Tell us a little about your context. We'll show you a working assistant grounded in your own content.