AI & Data Policy FAQs

These FAQs summarize the most important commitments in the Cableteque AI & Data Policy (v1.0, effective 2026). They are written for quick reading. The full policy, the EULA, and the MNDA are the binding documents. If anything here is unclear, those govern.

Q1. What does Cableteque use AI for?

A. Cableteque uses OCR and Generative AI (including Large Language Models) inside the Licensed Software for two purposes: to reduce manual data entry and to enhance the user experience. In practice, that means two concrete jobs:

  • Reading engineering drawings and technical documents and extracting structured Bills of Materials and technical data (part numbers, manufacturers, descriptions, quantities, measurements) so users don't have to key them in by hand.
  • Generating intelligent recommendations inside the platform, such as component matches and quote optimizations.

AI is not used to make engineering decisions, certify designs, or replace qualified judgment. Every output is for reference and must be validated by a qualified person before it is acted on.

Policy reference: Sections 1 and 2

Q2. Are Cableteque's AI features turned on automatically?

A. No. All Generative AI features are disabled by default for every account. Your account administrator must opt in to enable it, and opting in constitutes acceptance of the applicable AI feature terms.

Policy reference: Section 2 — AI Features (opt-in callout)

Q3. Does Cableteque use my data to train AI models?

A. No. Cableteque does not use your data, including BOMs, engineering drawings, extracted technical data, Commercial Data, or any AI-generated outputs from your data, to train, fine-tune, benchmark, or otherwise improve any AI or machine learning model, whether Cableteque's own or a third party's. This commitment is binding on every third-party AI provider by contract.

Policy reference: Section 4 — No-Training Commitment

Q4. What's the difference between "Licensee Data" and "Usage Data"?

A. Licensee Data is everything you put into the platform, BOMs, drawings, specs, proprietary part data, Commercial Data, and any AI outputs derived from any of that. It is fully protected. Usage Data is data about how you interact with the platform, clicks, features used, session telemetry, browser type, and performance metrics. Usage Data does not include your content or AI outputs derived from it, and is used (aggregated and de-identified) only to operate and improve the product.

Policy reference: Sections 3.1 and 3.2

Q5. How is my Commercial Data (pricing, suppliers, margins) protected?

A. Commercial Data, negotiated pricing, discounts, supplier identities, payment terms, lead times, quote pricing, cost structures, and margin data, is treated as Confidential, logically segregated by your account identifier, and accessible only to authorized Cableteque personnel for service delivery. Cableteque will not use Commercial Data to train AI models, to generate cross-customer recommendations, or to produce benchmarking analytics.

Policy reference: Section 6.2 — Commercial Data

Q6. What AI features are available today?

A. Two:

  • BOM and Technical Data Extraction: OCR plus LLM-based extraction of part numbers, manufacturers, descriptions, quantities, and measurements from engineering drawings.
  • Intelligent Recommendations, suggestions inside the platform, such as component matching and quote optimization.

Both produce reference output only and must be reviewed by a qualified person before use.

Any new AI feature is reviewed and approved by Cableteque's Security Officer before release, and customers will be notified of any material changes.

Policy reference: Sections 2.1, 2.2, and 2.3

Q7. Can I trust AI-extracted BOMs and recommendations without review?

A. No. All AI-generated output, BOM extraction, technical data, component recommendations, and any other AI-assisted data are for reference only. It is not an engineering certification, professional advice, or a guarantee of accuracy. A qualified person must review and validate every AI output before it is used in any engineering, manufacturing, quoting, or procurement process. You are solely responsible for decisions made on AI output.

Policy reference: Section 8 — AI Output Accuracy

Q8. What are the known accuracy limitations of the AI?

A. Cableteque openly acknowledges these limits:

  • Output is not guaranteed to be 100% accurate; it may be incomplete or incorrect.
  • Large or complex drawings (over roughly 4,000 square inches) may yield lower accuracy.
  • Processing times vary; complex files can take 30 minutes or more.
  • Features, capabilities, supported file types, and behavior are in active development and may change.
  • AI does not perform engineering design validation, quality inspection, or manufacturing certification.

Policy reference: Section 8 — Known limitations

Q9. Can I upload CUI or other export-controlled data to the commercial instance?

A. No. The commercial instance is designed for commercial data, including EAR99-classified content, which covers the vast majority of wire harness manufacturing data. It is not authorized to process CUI, ITAR-controlled data, or content with a specific ECCN classification.

Policy reference: Section 7.1 — Commercial Instance

Q10. What is the Cableteque Secure GOV instance, and how is it different from others?

A. The GOV instance is a separate, purpose-built environment for processing CUI and CDI. It runs in FedRAMP Moderate Equivalent-authorized cloud environments and adds controls on top of the standard ones, including:

  • Encryption in transit and at rest with Cableteque-managed volume keys.
  • An absolute prohibition on using GOV-instance data for any AI training.
  • Full audit logging of access and processing events.
  • Data residency confined to approved U.S. geographic regions.

Policy reference: Section 7.2 — Cableteque Secure GOV Instance

Q11. Could my data ever be used to benefit a different customer?

A. No. Using your data to benefit, train on, or inform another customer's experience is strictly prohibited, as are cross-account analytics, cross-customer benchmarking, and market-pricing insights derived from your data. Your data is also never shared with any third party except approved sub-processors operating under an executed Data Processing Agreement.

Policy reference: Section 3.3 — Absolute Prohibitions

Q12. Does Cableteque ever use my data inside my own account?

A. Yes, but only within your account. Cableteque may use your Licensee Data to improve your experience inside your account, for example, recognizing components, suppliers, or configurations you commonly use and pre-populating or suggesting them later. This remains strictly within the account; it never benefits any other customer, and it does not constitute training or fine-tuning of any AI model.

Policy reference: Section 5 — Within-Account Enhancement

Q13. How is my data protected when Cableteque uses third-party AI providers?

A. Every third-party AI provider that touches your data must meet these requirements:

  • A Data Processing Agreement (DPA) is in place before any data is sent.
  • The DPA explicitly prohibits the provider from using your data to train, fine-tune, or improve any AI model.
  • The provider passes Cableteque's security due diligence and meets applicable data protection standards.
  • Data is encrypted in transit and subject to the same classification controls as other production data.
  • The Security Officer keeps an approved-provider registry; no unapproved provider may receive your data.
  • DPAs are reviewed annually or whenever the provider's services materially change.

Policy reference: Section 9 — Third-Party AI Providers

Q14. How long does Cableteque keep my AI-processed data, and what happens when my subscription ends?

A. Retention follows the Privacy Policy, with a few specifics worth knowing:

  • GOV instance source drawings are transient and deleted immediately after processing.
  • AI-generated BOM and technical output are retained during your active subscription and securely deleted per policy or upon request.
  • Commercial Data is retained during your active subscription and is securely deleted per policy or upon request.
  • Aggregated, de-identified Usage Data is retained for a reasonable period for operational needs.
  • AI pipeline logs are kept for a minimum of one year.

After termination or expiration, you have 30 days to request retrieval or deletion of your Licensee Data; after that, Cableteque may permanently delete it. Early-deletion requests during the term are honored within a reasonable period, subject to any legal retention obligations.

Policy reference: Section 10 — Data Retention

Q15. What security controls protect the AI pipelines?

A. AI pipelines are treated as production systems and inherit the platform's controls:

  • Encryption in transit and at rest using Cableteque-managed keys.
  • Logical segregation of customer data at the database and API layers using a unique account identifier ensures that AI output from one account is never exposed to another.
  • Access to AI production systems is disabled by default and gated by an approval process.
  • Continuous logging and security monitoring across all pipeline infrastructure.
  • Industry-standard anti-virus and vulnerability scanning of AI components before deployment.
  • No direct administrative access to production AI data by Cableteque employees.

Suspected security incidents involving AI-processed data should be reported immediately to support@cableteque.com.

Policy reference: Section 11 — Security Controls

Q16. What compliance frameworks does Cableteque follow?

A. Cableteque is building out and maintaining the following posture:

  • FedRAMP Moderate Equivalency: In-Process (2026) for the GOV instance. 3PAO is Ignyte Assurance Platform (accredited, A2LA Cert. 6081.01); full certification expected by the end of 2026.
  • NIST 800-53 Moderate Baseline: controls implemented for the GOV instance; FedRAMP Marketplace RAR expected July 2026.
  • SOC 2 Type II: practices in place across all instances; formal certification in progress.

For current compliance documentation or to request the Ignyte 3PAO letter, contact support@cableteque.com.

Policy reference: Section 12 — Compliance Posture

Q17. How does Cableteque's shared Component Library work, and is any of my data in it?

A. The Component Library is a shared library of commercially available, off-the-shelf component specifications, such as manufacturer part numbers, public datasheets, and technical parameters. Cableteque may add to or enrich entries in the library when it encounters publicly or commercially available data during normal platform use, and that library is used to backfill missing component data for customers. Your proprietary data is never added to the shared library, and all Licensee Data is auto-designated as proprietary. The binding terms live in the Data Use provision of the EULA.

Policy reference: Section 6.1 — Component Library (governed by the EULA)

Q18. Who can turn AI features on or off, and what does opting in commit me to?

A. Only your account administrator can enable a Generative AI feature for your account. Because every AI feature is off by default, no AI processes any of your data until that opt-in happens. Opting in is treated as acceptance of the applicable AI Drawing Comprehension Feature terms, and customers must execute the AI BOM Feature Addendum before accessing AI features. Administrators can change this choice at the account level.

Policy reference: Section 2 (opt-in callout) and Section 8 (AI BOM Feature Addendum)

Q19. How will I be told if Cableteque adds new AI features or changes existing ones?

A. Any new AI feature or use case beyond what is described in the current policy must be reviewed and approved by Cableteque's Security Officer before release. When that happens, the AI & Data Policy is updated, and customers are notified of material changes. AI features are also in active development, so capabilities, supported file types, and behavior can evolve over time. Any change that materially affects you will be communicated.

Policy reference: Sections 2.3 and 8

Q20. How does this AI & Data Policy relate to the EULA, Privacy Policy, and MNDA?

A. This policy is meant to be read together with Cableteque's End User License Agreement (EULA), Privacy Policy, and the Mutual Non-Disclosure Agreement (MNDA). If anything in this FAQ or the AI & Data Policy ever conflicts with those agreements — including on the treatment of Licensee Data or Commercial Data — the EULA and MNDA control.

Policy reference: Sections 1 and 13

Q21. Where is my data hosted, and how does AI processing work?

A. Cableteque's platform and your data are hosted on major cloud infrastructure, entirely within the United States:

  • Commercial Platform: AWS, Azure, and GCP. Your data is stored and processed within those environments.
  • Cableteque Secure GOV Instance: AWS GovCloud, Azure GCC High, and GCP High; all FedRAMP High authorized. Data never leaves U.S. regions.

AI inference (the actual processing of your drawings and documents through Large Language Models) is performed through approved enterprise cloud AI services operating under executed Data Processing Agreements. Cableteque does not self-host foundational AI models. It uses managed inference services from major cloud providers, each of which is contractually prohibited from using your data for model training or any unauthorized purpose.

Cableteque is not committed to a single AI model or provider. As the technology evolves, the specific inference services in use may change. The protections described in Q13 apply regardless of which approved provider is engaged at any given time.

Policy reference: Section 9 — Third-Party AI Providers; Security & Compliance Overview, Section 2

Questions or data rights requests

Email support@cableteque.com for general questions or to exercise a data right. Visit cableteque.com/legal for the full AI & Data Policy, EULA, Privacy Policy, and the AI BOM Feature Addendum referenced in Section 8.

This FAQ summarizes the Cableteque AI & Data Policy v1.0 and is intended as a quick reference only. The full policy, the EULA, and the MNDA are the binding agreements.