Craig Data Handling and Privacy

This article is intended for administrators and technical reviewers evaluating Craig for their organization. It covers what data Craig sends to the AI model, what it never accesses, and the infrastructure and privacy controls in place.

How Craig works

Craig runs on AWS Bedrock, within a defined AWS region. It operates in three phases:

  1. Discovery — the AI model reviews your prompt and selects which public data sources to call.
  2. Fetch — Craig retrieves data directly from those public sources. The AI model is not involved in this step.
  3. Format — the AI model receives the retrieved data and produces a human-readable briefing.

What data is sent to the AI model

Each time Craig runs, the following is passed to the AI model:

  • The prompt template authored by you or your administrator.
  • Any organization context entries your administrator has configured — such as place names, equipment notes, or local acronyms.
  • Location names from the prompt, and the resolved coordinates used to fetch local data.
  • Results returned from public data sources — for example, weather forecasts or hydrometric readings.

What data is never sent to the AI model

The following is never exposed to Craig under any circumstances:

  • Member and contact information — names, phone numbers, or email addresses.
  • Message history, voice recordings, call logs, or inbound replies.
  • Poll responses or activation records.
  • Authentication, billing, or payment data.
  • Data from any other organization — every Craig session is scoped to your organization only.

Infrastructure and privacy controls

  • AWS Bedrock. Craig's AI processing runs inside the configured AWS region. Data does not egress to third-party AI providers, and AWS does not use Bedrock inputs or outputs to train AI models.
  • Tenant isolation. Every Craig session is scoped to your organization. Context queries are filtered at the organization level — Craig cannot access or return data belonging to another organization.
  • Read-only tool access. Craig's tools are limited to read-only data retrieval from named public APIs. There is no mechanism to query internal Connect Rocket systems, contact databases, or any other non-public source.
  • Audit trail. All tool calls, data requests, and AI processing activity are logged on every Craig execution and are available for after-the-fact review.
  • Error containment. If Craig encounters an error during processing, it is caught at the service boundary and surfaced to the user as a visible failure — it does not fail silently.

Organization context entries

Administrators can configure organization context entries — curated reference notes that Craig can draw on when generating a briefing, such as local place names, equipment identifiers, or organizational terminology.

These entries are sent to the AI model on demand.

Do not store personal information, passwords, credentials, or sensitive operational details in organization context entries. These fields are intended for general organizational reference only. Anything entered here may be passed to the AI model when Craig runs.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us

Related Articles