AI Use & safety
How AI is used inside Leed/AI, what it is allowed to do, what it is never allowed to do, and how humans stay in control.
Effective & last updated · June 2026
01 · Core principle
AI assists. Humans decide. Every consequential business action on LEED/AI — accepting a lead, sending a reply, pricing, payment — requires a human decision. AI prepares; the account owner approves.
02 · What our AI does
- Captures and verifies inbound inquiries.
- Asks a limited number of qualification questions (capped per plan).
- Scores leads (HOT / WARM / COLD) with a stated confidence level.
- Summarizes conversations and recommends a next action.
- Drafts replies for the account owner to edit and approve.
- Sends notifications and reminders the account owner configured.
- Answers lead questions strictly from the account owner’s approved knowledge base.
03 · What our AI never does
- Never negotiates final pricing or offers discounts.
- Never signs contracts or makes delivery commitments.
- Never collects payments or moves money.
- Never sends a business reply to a lead without the account owner’s approval.
- Never contacts a lead before the account owner accepts the conversation (conversation lock).
- Never invents facts when the knowledge base lacks an answer — it says so and defers to the owner.
- Never accesses another customer’s data (enforced by row-level security and query-level isolation).
04 · Human approval
AI-drafted replies are presented as editable drafts and are only delivered when the account owner explicitly sends them. Marketing campaigns require explicit owner action and recipient consent. Direct communication with a lead is locked until the owner accepts that lead — enforced on the server, not just in the interface.
05 · Disclosure to leads
Automated interactions identify themselves as AI at the start of each interaction — not buried in a footer or shown only once. Specifically:
- The qualification assistant opens every new conversation by presenting itself as an AI assistant operating on behalf of the account owner.
- Outbound notification messages carry the disclosure: “Sent by Leed/AI on behalf of [account owner name].”
- If a lead explicitly asks whether they are speaking to a human or an AI, the system will always truthfully confirm it is an AI.
- A lead may request to speak directly with the account owner at any time; the system will flag this to the owner for personal follow-up rather than attempt to handle it autonomously.
We do not impersonate humans. This disclosure standard is designed to meet the requirements of the EU AI Act (Article 52) and equivalent emerging regulations.
06 · Limits & abuse protection
- Per-plan caps on AI questions and AI reply drafts, enforced server-side.
- Rate limits on OTP requests and messaging actions.
- Prompt-injection and abuse detection on inbound messages; abusive or spam content is flagged and never triggers urgent alerts.
- Data-loss-prevention scanning on AI output before it is shown.
07 · Data isolation
Every customer’s data — leads, conversations, documents, embeddings — is isolated per account. AI retrieval queries filter by the owning account inside the database itself, so cross-customer access is structurally impossible, not merely policy.
08 · Escalation & human review
When the AI is uncertain, detects sensitive topics (pricing negotiation, legal questions, complaints), or a lead requests a human, the conversation is flagged for the account owner’s personal attention rather than handled autonomously. Escalations appear in the dashboard with the reason recorded.
09 · Contact
Questions about this policy: Support@leed-ai.com · leed-ai.com.