Local Model and Customer-Controlled AI Risk Acknowledgement

Effective May 15, 2026 · Avalon Flow Inc., a subsidiary of Questili LLP · support@avalonflow.com

For this policy, "Avalon," "we," "us," or "our" means Avalon Flow Inc., a subsidiary of Questili LLP, unless a signed order form or customer agreement identifies a different contracting entity.

This Local Model / Customer-Controlled AI Risk Acknowledgement applies when you or your organization enable a local model, private model, open-source model, BYO AI provider, self-hosted inference server, custom AI endpoint, or other customer-controlled AI system for use with Avalon.

By enabling or using a customer-controlled AI system with Avalon, you accept the responsibilities and risks described below.

1. What this acknowledgement covers

Avalon may allow you to route certain AI tasks to a model or endpoint that you select, host, configure, operate, or control. This may include:

  • local models running on your hardware;
  • self-hosted inference servers;
  • private models in your cloud or tenant;
  • open-source models;
  • BYO API keys or third-party model providers;
  • custom AI endpoints;
  • model gateways, proxies, or routing layers that Avalon does not operate end to end.

These systems are collectively called "Customer-Controlled AI Systems" in this acknowledgement.

2. You are responsible for the systems you choose

You are responsible for selecting, approving, licensing, hosting, securing, configuring, monitoring, updating, and maintaining Customer-Controlled AI Systems.

You are also responsible for ensuring those systems are appropriate for the data and use case, including any confidential, personal, regulated, employee, customer, client, partner, or third-party information processed through them.

3. Avalon does not guarantee customer-controlled AI systems

Unless Avalon expressly agrees otherwise in writing, Avalon does not warrant, certify, validate, benchmark, monitor, or guarantee Customer-Controlled AI Systems or their outputs.

Customer-Controlled AI Systems and their outputs may be:

  • inaccurate, incomplete, outdated, hallucinated, biased, offensive, unsafe, or misleading;
  • vulnerable to prompt injection, jailbreaks, data leakage, malicious prompts, unsafe tool calls, or harmful instructions;
  • unsuitable for legal, compliance, medical, financial, employment, safety-critical, customer-facing, or regulated decisions;
  • affected by model updates, quantization, fine-tuning, system prompts, retrieval configuration, hardware limits, dependency changes, or infrastructure failures;
  • subject to license restrictions, usage restrictions, attribution requirements, export controls, or third-party intellectual-property claims;
  • logged, retained, trained on, inspected, disclosed, or otherwise processed by the model provider, endpoint, runtime, infrastructure, or customer-controlled environment depending on configuration.

You use Customer-Controlled AI Systems and their outputs at your own risk.

4. Required customer controls

Before routing real Customer Content to a Customer-Controlled AI System, you should verify and document:

  • model name, version, provider, license, hosting location, and endpoint owner;
  • approved and prohibited data classes;
  • prompt/output logging, retention, training, fine-tuning, and human-review behavior;
  • endpoint authentication, authorization, encryption, network restrictions, secrets, rate limits, and allowlists;
  • quality, safety, security, privacy, and reliability test results;
  • known limitations, failure modes, and rollback process;
  • human approval rules for drafts, email sends, Slack posts, CRM updates, custom endpoint calls, unsubscribes, deletes, forwards, and other external actions;
  • privacy, security, procurement, and legal approval for the intended use.

5. Data processing and privacy risk

Customer-Controlled AI Systems may process Customer Content outside Avalon's standard hosted AI provider path. Depending on configuration, Customer Content may be exposed to customer infrastructure, third-party model providers, model logs, caches, traces, vector stores, fine-tuning systems, monitoring tools, or support personnel.

You are responsible for determining whether the Customer-Controlled AI System complies with your privacy policy, customer agreements, data processing terms, employee notices, procurement requirements, retention rules, security requirements, and applicable law.

Avalon does not control data handling by customer-hosted or third-party Customer-Controlled AI Systems unless Avalon expressly agrees otherwise in writing.

6. No extraction or distillation of Avalon prompts and internal systems

Customer-Controlled AI Systems create heightened leakage risk because prompts, instructions, tool context, outputs, logs, traces, and workflow behavior may be visible outside Avalon's standard hosted model path. You may not use Customer-Controlled AI Systems, local models, BYO providers, custom endpoints, model gateways, logs, traces, exports, browser automation, scraping, screenshots, traffic capture, repeated querying, differential testing, benchmarking, or any other method to extract, derive, reconstruct, distill, copy, train on, fine-tune on, benchmark against, or otherwise attempt to learn Avalon's non-public prompts, system instructions, internal policies, model-routing logic, safety rules, tool schemas, evaluation data, source code, hidden workflows, ranking logic, detection logic, or proprietary operating methods.

You may not use Avalon outputs, traces, logs, metadata, prompts, completions, UI behavior, or workflow behavior to build, train, improve, operate, or evaluate a competing or substitutive system. You also may not direct any hosted model, local model, custom endpoint, agent, crawler, browser automation tool, employee, contractor, or third-party service to perform these restricted activities on your behalf.

If Avalon reasonably believes a Customer-Controlled AI System is being used to expose, infer, retain, train on, or transmit Avalon confidential information or proprietary system behavior, Avalon may immediately disable or restrict the integration, endpoint, model route, workflow, or account.

7. Security and operational risk

You are responsible for securing the Customer-Controlled AI System, including endpoint authentication, authorization, network access, TLS, secrets, API keys, rate limits, input validation, output validation, timeout controls, error handling, fallback behavior, vulnerability management, monitoring, incident response, and rollback.

If Avalon reasonably believes a Customer-Controlled AI System creates risk to Avalon, users, connected services, third parties, or the public, Avalon may disable or restrict the integration, feature, endpoint, or model route until the risk is resolved.

8. Human review remains required

Customer-Controlled AI System outputs are not professional advice. They must not be used as the sole basis for legal, compliance, financial, employment, medical, safety-critical, or other regulated decisions.

You must review outputs before relying on them or using them externally. Material external actions should remain human-approved unless you have expressly configured and accepted a specific approved automation workflow with appropriate controls.

9. Disclaimer and allocation of risk

To the maximum extent permitted by law and unless Avalon expressly agrees otherwise in writing:

  • Avalon disclaims responsibility for Customer-Controlled AI System selection, licensing, operation, security, safety, quality, accuracy, reliability, availability, data handling, and outputs;
  • you assume all risks arising from your use of Customer-Controlled AI Systems and their outputs;
  • Avalon is not liable for losses, damages, claims, fines, penalties, incidents, business decisions, communications, data disclosures, security events, third-party disputes, regulatory issues, or other harm caused by or arising from Customer-Controlled AI Systems or your failure to review their outputs;
  • you are responsible for claims arising from your Customer-Controlled AI Systems, Customer Content routed to them, outputs generated by them, license or provider-term violations, privacy or security failures, and use of those outputs.

Some jurisdictions do not allow certain waivers or disclaimers, so some of the above may not apply to you.

10. Indemnity

You will defend, indemnify, and hold harmless Avalon and its affiliates, service providers, licensors, and personnel from claims, damages, liabilities, losses, costs, and expenses, including reasonable attorneys' fees, arising from or related to:

  • your selection, hosting, licensing, configuration, operation, or use of Customer-Controlled AI Systems;
  • Customer Content routed to Customer-Controlled AI Systems;
  • outputs generated by Customer-Controlled AI Systems;
  • your breach of model licenses, provider terms, privacy obligations, third-party rights, or applicable law;
  • security incidents, data disclosures, harmful outputs, or harmful actions caused by Customer-Controlled AI Systems or your configurations.

11. Acknowledgement

By enabling or using a Customer-Controlled AI System with Avalon, you confirm that:

  • you have authority to connect the system and process Customer Content through it;
  • you understand Avalon does not guarantee the quality, safety, security, legality, availability, or suitability of the system or its outputs;
  • you accept the risks described in this acknowledgement;
  • you will review outputs before relying on them or using them externally;
  • you will not represent that Avalon has certified, guaranteed, or endorsed the Customer-Controlled AI System unless Avalon expressly says so in writing.

12. Contact

For questions about this acknowledgement, contact support@avalonflow.com.