Skip to main content
Skip to content

AI & data security

We use AI to make course creation faster, easier, and more accessible, without compromising your data security. Below are answers to common questions about how we use AI and protect your information.

Which AI models does Coassemble use?

We use trusted third-party models from Google, integrated directly with Google's AI services:

  • Text: Gemini Flash, for document transformation, course generation, text refinement, and translation.
  • Images: Gemini 2.5 Flash Image, for AI image generation. This replaced the earlier Imagen model, which Google is retiring.
  • Narration: Google's Chirp voices for AI narration.

You can review Google Gemini's terms of service and data policies here.

How does AI image generation work?

Image generation uses Gemini 2.5 Flash Image and is triggered manually, so you control when images are created and when tokens are used. A monthly image generation allowance applies on some plans, with a usage indicator in the AI image modal. It is no longer in beta.

Does Coassemble use my data to train AI models?

No. Your data and course content are not used to train our AI models. When you use a feature like "Transform a document", your document is securely stored in object storage, and we keep the course context in our database so the AI can generate relevant content for you.

Who owns content created with AI?

You do. You retain full ownership of all content created in Coassemble, whether it's generated with AI or built from scratch.

How does Coassemble protect my data?

We apply the same security standards to our AI features as we do across the whole platform. Your data is encrypted, access-controlled, and handled in line with industry best practice. We are GDPR compliant and hold SOC 2 Type 1 and SOC 2 Type 2. You can review our security controls in the Coassemble Trust Centre.

Where is customer data stored?

By default, customer data is stored and processed on US-based infrastructure, currently in Oregon, USA.

Is Coassemble GDPR compliant?

Yes. Coassemble complies with GDPR requirements, though we do not currently hold a formal GDPR certification.

Does Coassemble have SOC 2 certification?

Yes. Coassemble holds SOC 2 Type 1 and SOC 2 Type 2. You can access the reports through the Coassemble Trust Centre.

Does Coassemble offer a Data Processing Agreement (DPA)?

Yes. We can provide a DPA where appropriate, including provisions covering data processing for AI features. Contact our team to arrange one.

This article is maintained in our help centre. View the original ↗