AI Governance & Transparency

Artificial intelligence is core to FoxtInn’s mission of helping hospitality and service businesses operate smarter. Our AI features — including LALA Virtual GM, predictive maintenance, night audit auto-parsing, and financial insights — are designed with transparency, data protection, and human oversight at their foundation. This page explains how AI works within FoxtInn and the commitments we make to our Customers.

1. Our AI Principles

2. How AI Processes Your Data

2.1 Data Flow

When you use an AI feature (e.g., ask LALA a financial question or trigger a night audit parse):

• Step 1: Your query and the relevant data (e.g., financial figures, task statuses) are assembled within FoxtInn’s secure infrastructure.
• Step 2: The assembled data is sent to a third-party LLM provider (OpenAI or Anthropic) over an encrypted TLS 1.2+ connection.
• Step 3: The provider processes the request and returns the result. No data is retained by the provider after the response is generated.
• Step 4: The result is delivered to you within your FoxtInn account.

2.2 Data Minimization

We follow the principle of data minimization for AI processing:

• Only the data necessary for the specific AI function is sent to the provider.
• Financial data queries require separate OTP authentication by the account owner.
• Guest personally identifiable information is excluded from AI processing unless specifically relevant to the query (e.g., a specific guest request lookup).
• Staff personal data is limited to names and roles when needed for context (e.g., “show me [name]’s schedule”).

3. AI Features Overview

Feature	What It Does	Data Used	Plan
LALA Virtual GM	Natural language Q&A on operations, finances, and tasks	Tasks, schedules, financial summaries, staff assignments	Advanced
Night Audit Auto-Parse	Extracts financial data from forwarded email reports/Z-reports	Email content forwarded by owner; parsed into structured financials	Advanced
Financial Chatbot	OTP-secured conversational interface for P&L, RevPAR, CPOR queries	Financial records, revenue metrics, cost data	Advanced
Predictive Maintenance	Forecasts equipment issues based on patterns and history	Maintenance request history, task completion patterns	Advanced
Smart Housekeeping	Room priority system, escalation alerts, early check-in flagging	Room status, check-in times, housekeeping completion data	Pro & Advanced
Profanity Filter	Detects and flags inappropriate language in team chat (EN + ES)	Chat message content (processed locally, not sent to third-party AI)	Pro & Advanced

4. Third-Party AI Providers

FoxtInn uses the following AI infrastructure providers:

Provider	Use Case	Data Retention	Training on Customer Data
OpenAI, LLC	LLM API for LALA, financial analysis, operational insights	Zero retention after response	Prohibited by contract
Anthropic, PBC	Alternate LLM API (routed by feature/availability)	Zero retention after response	Prohibited by contract

Both providers operate under Data Processing Agreements that explicitly prohibit using Customer Content for model training, fine-tuning, or any purpose beyond delivering the requested output.

5. What AI Cannot Do

• Cannot access data across accounts: AI operates strictly within your account boundary. It cannot see, learn from, or reference data from other FoxtInn customers.
• Cannot make binding decisions: AI outputs are informational and advisory. Hiring, firing, scheduling, pricing, and guest-facing communications remain human decisions.
• Cannot access the internet: AI features do not browse the web or access external data sources during processing (except when accessing your authorized integrations, e.g., STR benchmarking).
• Cannot store conversation history externally: AI conversations are stored within your FoxtInn account only, not by the AI provider.
• Cannot process PHI without a BAA: Healthcare Customers must have a Business Associate Agreement in place before AI features can process Protected Health Information.

6. Accuracy & Limitations

AI outputs are generated by large language models and may contain errors, hallucinations, or inaccuracies. FoxtInn provides AI features as a productivity tool, not as a replacement for professional judgment. Specifically:

• Financial analysis: AI-generated financial summaries should be verified against source records before making business decisions.
• Predictive maintenance: Predictions are based on historical patterns and do not guarantee equipment failure or safety.
• Operational recommendations: AI suggestions reflect data patterns and may not account for context only the operator understands.

FoxtInn is not liable for decisions made in reliance on AI-generated outputs. See our Terms of Service, Section 10.2.

7. Bias & Fairness

We are committed to identifying and mitigating bias in AI outputs:

• AI features do not make decisions about hiring, promotion, termination, or compensation.
• Scheduling recommendations are based on operational data (shift patterns, availability) and do not discriminate based on protected characteristics.
• We monitor AI outputs for patterns of bias and work with our AI providers to address identified issues.
• Customers can report suspected bias to ai@foxtcon.com.

8. Opt-Out & Controls

Customers have full control over AI features:

• Global AI toggle: Disable all AI features from account settings.
• Feature-level toggles: Enable or disable individual AI features (e.g., keep Smart Housekeeping but disable LALA financial queries).
• OTP gating: Financial AI queries require separate one-time password authentication, adding an extra layer of control.
• No degradation: Disabling AI does not affect core platform features (scheduling, time tracking, tasks, chat, guest requests).

9. Regulatory Compliance

9.1 GDPR (EU/UK)

• Article 22: No automated individual decision-making with legal or significant effects. AI outputs are advisory only.
• Article 15(1)(h): Data subjects have the right to meaningful information about the logic involved in AI processing. Descriptions available on request to ai@foxtcon.com.
• Article 35 DPIA: Data Protection Impact Assessments conducted for AI features that may pose high risk to data subjects.
• Data minimization (Article 5(1)(c)): AI features process only the minimum data necessary for the requested functionality.

9.2 EU AI Act (Regulation 2024/1689)

FoxtInn’s AI compliance roadmap under the EU AI Act:

Milestone	Date	Status
Prohibited practices review (Article 5)	February 2, 2025	Compliant — no prohibited AI practices
General-purpose AI transparency (Article 52)	August 2, 2025	Compliant — AI use disclosed in product
High-risk AI assessment (employment-related AI)	August 2, 2026	In progress — Smart Scheduling under review for Article 6 classification
Full framework compliance	August 2, 2027	Planned — documentation, conformity assessment, and post-market monitoring

Classification: FoxtInn’s AI features are primarily classified as limited-risk systems (productivity/advisory tools). Smart Scheduling and workforce optimization features may be classified as high-risk under Annex III (employment and worker management) and are subject to enhanced requirements including conformity assessments, human oversight, and technical documentation.

9.3 US State AI Laws

• Colorado AI Act (effective June 1, 2026): FoxtInn will conduct algorithmic impact assessments for AI features used in employment-related decisions. Impact assessment documentation available to Colorado Attorney General on request.
• Texas TRAIGA (effective January 1, 2026): FoxtInn does not develop or deploy AI that manipulates toward self-harm, discriminates against protected classes, or infringes constitutional rights.
• Other states: FoxtInn monitors AI legislation in all US states and adapts compliance measures as laws take effect.

9.4 CCPA/CPRA (California)

• Customers may opt out of AI features that process personal information.
• Automated profiling that produces legal or significant effects is not performed.
• Right to opt-out of automated decision-making technology honored.

9.5 Brazil (LGPD)

AI features comply with LGPD requirements for automated processing. Data subjects may request review of decisions made by automated means (Article 20). FoxtInn’s AI features are advisory only, ensuring no binding automated decisions.

9.6 India (DPDP Act)

AI features comply with the Digital Personal Data Protection Act requirements for algorithmic processing. No behavioral monitoring or targeted advertising of children through AI features.

9.7 Other Jurisdictions

FoxtInn monitors global AI regulation developments including: South Korea AI Basic Act, Japan AI Guidelines, Singapore Model AI Governance Framework, Canada Voluntary Code of Conduct on Responsible AI, Australia Safe and Responsible AI principles, and the OECD AI Principles. Our advisory-only AI approach ensures compliance with emerging regulatory requirements globally.

10. Algorithmic Impact Assessments

FoxtInn conducts Algorithmic Impact Assessments (AIAs) for AI features with potential impact on individuals:

• Scope: All AI features that process personal data or influence operational decisions.
• Frequency: Before launch of new AI features and annually thereafter.
• Content: Risk identification, bias analysis, accuracy evaluation, mitigation measures, and human oversight requirements.
• Availability: AIA summaries available to enterprise Customers and regulatory authorities on request.

11. Contact

AI questions & bias reports: ai@foxtcon.com
Privacy: privacy@foxtcon.com
DPO: dpo@foxtcon.com