Canto’s Artificial Intelligence (AI) Policy
(Hier klicken für die deutsche Version)
Preamble
This Artificial Intelligence (AI) Policy (this "Policy") governs the professional use of the intelligent capabilities integrated within the Canto platform (the "AI Features"). We have developed this Policy to operationalize our commitment to transparency, providing a clear standard for how we manage data and privacy in the context of AI innovation. It serves as a practical guide for utilizing these functionalities while upholding our mutual commitment to data stewardship. For the sake of consistency, any capitalized terms not specifically defined within this Policy carry the definitions established in your Master Service Agreement, Data Processing Agreement, other primary governing contract and Applicable Law.
Last updated: February 2026
Table of contents
Definitions and Key Concepts
To provide clarity throughout this Policy, we use the following terms to describe our technology and your data:
AI - Artificial Intelligence
AI System - The machine-based technology integrated into our platform that, for explicit or implicit objectives, infers how to generate outputs such as search results, content tags, or recommendations.
AI Features - The specific functionalities within the Canto platform that utilize AI Systems to enhance your workflow. This includes, but is not limited to, Visual Search, Automated Tagging, and Smart Content Suggestions.
Applicable Law - the EU AI Act (Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending Regulations (EC) No 300/2008, (EU) No 167/2013, (EU) No 168/2013, (EU) 2018/858, (EU) 2018/1139 and (EU) 2019/2144 and Directives 2014/90/EU, (EU) 2016/797 and (EU) 2020/1828), the GDPR, (the General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC), state and/or federal laws that govern or regulate the use of AI Features within the United States of America, or any other legislation or regulation applicable to the use by the Customer of AI functionalities within the Product.
Biometric Data - personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data
Pre-trained Model - An AI model that has been developed and "taught" using large, curated datasets of non-personal information before it is integrated into our platform. This model is ready to use "out of the box" and does not require your assets to understand basic concepts (like identifying a "car" or a "sunset").
Inference - The real-time process where the AI System analyses a specific asset to provide a result (such as a search match). During inference, the AI is applying what it already knows; it is not learning or fundamentally changing its internal logic based on your asset.
Input - Any prompt or other information that Customer submits to the AI expecting to receive Output
Output - Any data or content generated based on the Customer's input
Customer Data / Customer Content / Customer Assets / Assets - The proprietary images, videos, and digital files that you upload and manage within the platform. These remain your intellectual property.
Human Oversight - The tools and manual processes that allow a human user to review, override, or correct any output generated by the AI Features.
Bias & Accuracy Monitoring - The ongoing technical process where Canto tests its AI Features to ensure results are fair, representative, and meet professional standards for precision.
In the context of processing personal data Canto always acts as a "Processor" or "Service Provider" and Customer acts as the "Controller" as these terms are defined in the Applicable Law.
Our AI Vision and Core Commitments
Canto is built on the principle of turning content chaos into content intelligence - unifying brand and product content in one centralized platform and accelerating the content lifecycle with AI. This approach is guided by a singular vision: Assistance, not Replacement. We build AI to augment human creativity and efficiency, empowering our users to search, tag, and organize their content more intelligently - not to replace the critical eye of creative professionals or the strategic decisions of our clients.
To bring this vision to life responsibly, our development and deployment of AI features are anchored in four core commitments:
Fairness: We are committed to mitigating bias in our AI models. By leveraging diverse training data and conducting regular testing, we strive to ensure our algorithms perform equitably across different demographics and content types, aligning with fundamental principles of fairness.
Transparency: We believe in being open about how our AI works. Where an AI system informs a decision or automates a process within your workflow, we will provide clear information about its logic and limitations. This transparency is a cornerstone of building trust and ensuring you remain in control.
Privacy-by-Design: Privacy is not an afterthought; it is embedded into the fabric of our AI features from the outset. We process your content strictly in accordance with your instructions, utilizing secure data handling practices, pseudonymization and other technical safeguards. We train our pre-trained models on de-identified and lawfully sourced datasets, ensuring they enhance your experience without compromising the confidentiality of your unique assets, infringing your intellectual property rights or exposing your Personal Data.
Accountability: We take ownership of our AI's role in your ecosystem. We maintain robust governance structures to oversee AI development, conduct thorough assessments of new features, and provide clear points of contact for our users. We are dedicated to the responsible innovation that our customers expect.
This policy will evolve alongside our technology and the regulatory landscape, but these four principles will remain the constant foundation of our work.
Functional Scope
Canto provides a wide range of different AI tools within its product. To provide you with a clear understanding of each, where it is located and what it does, please find the following list of each of Canto's AI Features:
Smart Tags, Facial Recognition and Text recognition for Images: Canto's AI-powered image intelligence automatically analyzes visual content to generate smart tags, recognize and index faces, and extract embedded text (OCR), enabling more accurate organization, enhanced searchability, and reduced manual metadata effort across the platform.
Smart Tags, Facial Recognition, and transcription for Videos: Canto's AI-powered video intelligence automatically analyses video content to generate smart tags, recognize and index faces, and transcribe spoken dialogue into searchable text, improving organization, discoverability, and accessibility while reducing manual effort.
AI OCR for PDF: This feature applies Optical Character Recognition to PDFs, making the text within these documents searchable. It is particularly useful for managing large volumes of PDF documents.
AI Visual Search: Allows users to search for assets using visual similarity rather than relying solely on metadata. This feature is particularly useful for finding images and videos that are visually similar to a given reference.
AI Library Assistant: This tool helps organize the digital asset library by applying structured metadata without the need for manual tagging. It automates the organization process, making it more efficient. AI Library assistant includes asset categorization and assisted metadata.
AI Bulk Update Assistant: An advanced product management interface designed to efficiently search and update product records within the Product Hub. It enables users to perform text-based queries to locate specific product listings, such as filtering items by price or category, and presents the search results in a structured table format. Additionally, the tool offers the capability to modify up to three distinct product attributes through a secondary text prompt. Users can make batch updates, such as adjusting prices, altering model numbers, or editing product descriptions. The interface provides a comparative 'before and after' view of the changes, allowing users to review modifications before deciding to either commit the changes or discard them. This tool streamlines the process of managing product data, enhancing efficiency and accuracy in product updates. This feature is available for all Product hub users.
These features collectively enhance the efficiency and effectiveness of digital asset management by leveraging AI to automate and improve search, tagging, and organization processes. For more detailed information, you can refer to the Canto Help Center.
Data Integrity and Intellectual Property Protection
We recognize that your Assets are your intellectual property, your brand identity, and often contain sensitive commercial information. Our commitment to data integrity means that we treat your content with the highest degree of respect and security. Our AI features operate on your assets solely to provide you with enhanced functionality, such as improved searchability and automated metadata generation, within the secure confines of your Canto Tenant. We do not use your proprietary content to train or improve the foundational, pre-trained models that are made available to other customers. Any analysis performed by our AI is ephemeral and designed to benefit your organization alone, ensuring that your unique creative works and confidential data remain strictly separated from other Customer's data. Your Intellectual Property rights remain yours, and our role is simply to help you unlock its value.
Responsible AI Requirements
We firmly believe that AI should empower creative professionals, not operate instead of them. To that end, all AI-generated suggestions within our platform, including auto-tags, captions, and smart collections, are designed to be just that: suggestions. We place you firmly in control by ensuring that every output is verifiable and editable before it becomes part of your permanent record. Users retain the final say, with the ability to review, modify, override, or reject any AI-generated content in a simple way. Users are also retaining the obligation to mark their content as AI-created if required by Applicable Law. This "human-in-the-loop" approach ensures that editorial judgment, brand voice, and contextual accuracy remain firmly in professional hands.
Beyond individual user control, we maintain a formalized incident response protocol as a "backstop" for our systems. In the rare event of a significant technical issue or model error, this protocol activates a cross-functional team to investigate, contain, and resolve the matter promptly. These layered safeguards ensure that our technology serves your goals while keeping accountability for final content where it belongs—with you.
Customers will not:
Fail to disclose AI-generated content: Users must clearly indicate when content has been materially generated or modified by our AI Features, especially in circumstances where the output could reasonably be mistaken for human-authored work or when disclosure is required by Applicable Law.
Make improper Inputs: The AI Features may not be used to submit unlawful, abusive, deceptive, or defamatory material, nor to generate content that risks causing legal, economic, or reputational injury to others.
Use for harmful or high-risk applications: Our AI Features may not be involved in, promoted for, or deployed to support activities designated as prohibited or high-risk under Applicable Law. This encompasses, among other things, biometric categorization based on sensitive or protected characteristics, emotion recognition, or any use case that may lead to unlawful discrimination.
Circumvent or conduct reverse engineering: Users are prohibited from attempting to reverse-engineer, extract, or otherwise gain unauthorized access to the underlying models, datasets, training methods, or other proprietary elements of our AI Features. This prohibition includes any deliberate effort to bypass safety mechanisms, override built-in functionality, or induce the model to behave in ways inconsistent with this Policy or Applicable Law.
Competitive use and model training: The AI Features may not be used to develop, train, or enhance competing AI models or systems. This extends to any activity involving the labeling, annotation, or preparation of data for the purpose of training third-party AI technologies.
Submit protected data: Users shall not submit personal, sensitive, or protected information - including special categories of personal data - into the AI Features unless expressly authorized and implemented with appropriate safeguards that satisfy Applicable Law.
Third-Party AI and Sub-Processor Standards
Canto may use third-party products to provide the AI Features to Customer. Canto does not allow any third parties to train their AI models on Customer Personal Data.
Canto makes every effort to assure all third-party organizations are compliant and do not compromise the integrity, security, and privacy of Canto or its customer data. We hold third-party services to the same high security and privacy standards we maintain internally.
Internal AI Use
Canto supports the adoption of AI tools for productivity, training, and other legitimate business purposes in an ethical, responsible, and legally compliant manner. All AI tools proposed for internal use undergo a formal evaluation through our established vendor management process, where prospective providers are assessed for security, privacy, compliance, and performance standards prior to approval. This review helps ensure that any third-party AI solutions used within our organization align with our commitment to responsible AI practices and the protection of customer data. We use AI tools in a way that thoughtfully balances their significant potential and capabilities with Canto's values, risk management standards, and broader business interests.
Policy Maintenance and Contact Information
We approach this Policy as a living document - as AI regulations continue to develop, we are committed to regularly reviewing (at least annually) and updating this Policy to ensure it remains effective, accurate, and aligned with both legal requirements and industry best practices. We encourage users to get acquainted with this Policy and check back periodically for the most current version.
For any questions regarding this Policy, our AI Features, or your data privacy rights, please contact our privacy team at privacy@canto.com.
We welcome your inquiries and are committed to providing timely and thoughtful attention to your concerns.