Skip to content
CBT Nuggets
DemoRequest Demo

AI governance in the CBT Nuggets help center

This page is for IT Directors, Training Managers, and privacy reviewers evaluating how CBT Nuggets handles customer support data. It describes where AI assistance is used in our help center, the scope boundary for AI-assisted content, and the privacy invariants we enforce at the query layer.

Scope boundary

Our training content — videos, Playlists, Virtual Labs, Practice Exams — is crafted by expert trainers. It is not AI-generated. The AI assistance described on this page applies only to help-center articles (this /support hub) that document platform behavior.

How it works

A CBT Nuggets support admin triggers an analysis over aggregated, anonymized themes across many closed support cases. For each resulting topic the admin may produce a draft article, which is then reviewed and approved by a human support engineer before it is published. Drafts never auto- publish, and AI-origin articles default to noindexuntil an admin explicitly opts them into search indexing.

Privacy invariants (server-side enforced)

  • 180-day aging floor.We never mine cases that were resolved in the last 180 days. This is enforced at the query layer — an admin cannot override it via the UI or the API.
  • Multi-case aggregation threshold. A topic only proceeds to article drafting when at least three distinct customer cases describe the same underlying issue. Single-case topics are discarded.
  • Personal information redaction. Case text passes through a deterministic regex scrubber (emails, phone numbers, postal addresses, credit-card fragments, SSN / national-ID patterns, bank account numbers, API tokens, IP addresses, internal identifiers) before it is used to draft an article. A second best-effort AI redaction pass targets company names, internal system names, and competitor mentions; if the second pass errors, the case still carries the deterministic redactions.
  • Generalization directive.The drafting prompt instructs the model to describe the class of problem and a general resolution path — not the specific scenario reported by any one customer.

Excluded case categories

The following case types are excluded from the mining pipeline by server-side policy: billing, contract, cancellation, refund, legal, security, outage, incident, complaint, escalation, trust & safety, data / DSAR requests, churn / at-risk / downgrade, training-content errors, feature requests, and non-customer partner / reseller / internal test cases.

Your data rights

Customers or their IT admins can request confirmation of whether a given case was used in the research behind an article, or request removal of case data from our drafting pipeline. Email privacy@cbtnuggets.com with the affected case number or account identifier. After verification we will remove case identifiers from all proposals and from any article draft that referenced them, flag the affected articles for re-review, and confirm completion in writing.

Questions for your security review

If you are scoping CBT Nuggets for procurement or a security questionnaire, your CBT Nuggets account team can share:

  • The current sub-processor list, including the AI model providers used in the scrub and drafting pipelines
  • Our DPA and Art. 28 commitments
  • Retention windows for proposals, drafts, and the audit rows recording each analysis run
  • The canonical list of BLOCKED case categories and the PR process required to change it

Feedback

See something in an article that looks wrong, outdated, or uncomfortably specific? Let us know— accuracy and customer trust come first.