NAVIGATION
Terms of Service
Privacy Policy
Sessionboard Studio (AI) FAQs
Information Security & Compliance
GDPR & CCPA
Data Subject Rights
Data Processing Addendum
Standard Contractual Clauses
Data Subject Access Request Form
Cookie Policy
List of Sub-processors
Accessibility Statement

Welcome to Sessionboard Studio — AI Features Built for Events

At Sessionboard, we’re committed to helping event organizers work smarter, not harder. That’s why we created Sessionboard Studio, a suite of AI-powered tools designed to make it easier than ever to evaluate, remix, and enhance your session and speaker content.

As we introduce these features, we know that transparency and data responsibility are critical. Below, you’ll find answers to common questions about how our AI works and how we handle your data.

What AI model is being used?

Sessionboard Studio currently uses OpenAI’s GPT-4o, one of the most advanced language models available. GPT-4o allows us to provide high-quality, human-like feedback on your content and helps generate creative, relevant remixes of sessions and speaker materials.

In the future, we plan to support additional best-in-class models from providers such as Anthropic, Google, and others—so you always get the most powerful and accurate results available.

Where is the AI model being hosted?

Today, our AI functionality is powered through OpenAI’s API, which runs in the United States on secure, enterprise-grade infrastructure. All communications with these models are encrypted in transit, and we maintain strict access controls to protect your data.

What data is being sent and stored?

To provide AI feedback, we send structured session and speaker content to the model—for example, session titles, descriptions, speaker bios, and related metadata.

Here’s how we handle your data:

  • Data sent to the model: Only the specific fields needed to generate useful output (e.g. content to be evaluated or remixed).
  • Data storage: We store only the AI’s output and relevant metadata for internal quality control, auditability, and to provide useful historical context to our users.
  • We do NOT store raw AI prompts that include sensitive customer data beyond what is necessary for function.
  • We do NOT send file uploads or personally identifiable information unless required and explicitly documented.

Does Sessionboard use open or closed AI processing?

Sessionboard uses a closed AI processing model. That means when we send your data to external AI providers (like OpenAI), we do so through private, secured API channels, where:

  • Your data is not used to train the model.
  • Your data is not retained by the AI provider beyond what is necessary to process the response.
  • All processing is stateless and ephemeral, designed to generate output for your immediate use and nothing more.

We do not use “open” AI platforms where inputs could be stored, reviewed, or used for public model improvement (like ChatGPT’s consumer interface).

This closed processing model aligns with enterprise-grade security expectations and is suitable for sensitive, B2B use cases like speaker and session evaluation.

Will my data be used to train AI models?

No. When using OpenAI’s API, your data is not used to train or improve any LLMs that Sessionboard uses, and it is not retained by any LLMs that Sessionboard uses for any other purpose.

Sessionboard maintains a no-training policy on customer data—whether we are working with OpenAI or any other provider. This means your event and speaker information is used exclusively to deliver value to you, never to improve external models.

We continuously vet our AI partners to ensure they meet enterprise-grade data governance standards.

How does Sessionboard handle data for customers in the EU?

We are fully committed to respecting the privacy rights of our customers in the European Union and complying with the General Data Protection Regulation (GDPR).

Here’s how we ensure responsible data handling:

  • Data Minimization: Only the minimum necessary data is sent to the AI model for evaluation or remixing.
  • No Cross-Use: Data processed through our AI services is not used for marketing, profiling, or any purpose beyond the feature you’re using.
  • No AI Model Training: As stated above, your data is not used to train any AI models, including those provided by OpenAI.
  • Sub-Processor Compliance: Any third-party AI providers we use—such as OpenAI—are contractually bound by data protection agreements and are vetted for GDPR compliance.
  • Your Rights: EU users retain full control of their data under GDPR, including the rights to access, rectify, delete, and restrict processing. Requests can be submitted to privacy@sessionboard.com.

We treat your content with care and are happy to provide additional documentation, including our Data Processing Agreement (DPA), upon request.

Can EU customers use OpenAI if the data is processed in the US? What about GDPR?

Yes, EU customers can use OpenAI (even though OpenAI’s models are hosted in the United States) as long as proper safeguards are in place under GDPR. We are quickly working to support internationally hosted models as well.

Here’s how we ensure GDPR compliance when using US-based solutions such as OpenAI:

Standard Contractual Clauses (SCCs)

OpenAI, like other US-based processors, relies on EU-approved Standard Contractual Clauses to legally transfer personal data from the EU to the US. These are contractual terms designed to ensure that EU data remains protected, even when processed outside the EU.

No Data Retention or Training

When we use OpenAI’s API (not ChatGPT):

  • Data is not stored after processing.
  • Data is not used to train the model.
  • Processing is stateless and ephemeral.

This means your data doesn’t linger on US servers or enter future models, which greatly reduces GDPR exposure.


Supplemental Technical and Organizational Measures

Sessionboard implements further protections, including:

  • Data minimization (sending only what’s needed)
  • Encryption in transit
  • Audit logs and access controls
  • No unnecessary use of personal data

You Maintain Your GDPR Rights

EU users maintain all GDPR rights when using Sessionboard Studio, including the right to access, delete, or restrict processing of your data. You can contact us with any requests at privacy@sessionboard.com.

Can we get a Data Processing Agreement (DPA) in place?

Yes. Sessionboard provides a standard Data Processing Agreement that aligns with GDPR and other global privacy frameworks. We’re happy to execute a DPA with any customer that requires it as part of their procurement or compliance process.

Is AI usage covered in your security policies?

Yes. We maintain clear policies on how AI is used within our infrastructure and workflows. This includes access control, data retention, and vendor oversight related to AI systems.

How do you protect data sent to AI providers?

We take a layered security approach:

  • All requests to and from AI providers are encrypted in transit (TLS 1.2+).
  • We do not store full prompt payloads containing sensitive data unless required for function.
  • We limit data shared with AI providers to what is strictly necessary for feature execution.
  • Our infrastructure ensures that only authorized services and personnel can access AI-related data flows.

Can we opt out of AI features?

Yes. While we believe AI adds tremendous value, we understand that some organizations may wish to opt out. You can disable AI-powered features in your account or request that they be restricted. Please contact your account manager or support@sessionboard.com to discuss your preferences.

Is AI-generated content auditable or versioned?

Yes. For transparency and quality assurance, Sessionboard logs:

  • Who triggered the AI action
  • What content was generated
  • When it was generated

Where applicable, we store version histories so users can review or revert AI output. This helps ensure responsible and auditable use of AI in content workflows.

Can we bring our own AI model or use a private LLM?

Not today, but we’re exploring this for the future. If your organization has specific AI or data residency requirements (e.g. wanting to use Azure OpenAI, private models, or a VPC-hosted LLM), we’d love to hear from you. Your feedback will help shape our roadmap.

Final Thoughts

We believe AI should empower event organizers while respecting their content, creativity, and privacy. Sessionboard Studio is built with care so you can confidently take advantage of cutting-edge AI—without compromising control over your data.

If you ever have questions or want to learn more about how our AI features work, our team is happy to talk. Reach out at support@sessionboard.com or your account manager.

Last Modified: May 5, 2025