Responsible Artificial Intelligence

This policy applies to the design, development, and use of Artificial Intelligence (AI) systems — including, but not limited to, machine learning models, large language models, predictive analytics, and other data-driven or algorithmic decision-making systems used by or on behalf of Sound of Data.

We use AI systems to assist employees across the organization in daily operations, decision-making, development, and service delivery. These systems are implemented to support efficiency, quality, and innovation — always under human oversight and in compliance with applicable laws and regulations, including the General Data Protection Regulation (GDPR) and the European Union Artificial Intelligence Act (AI Act).

We are committed to ensuring that all AI systems used or developed by Sound of Data are transparent, explainable, and free from unlawful bias or discrimination. We only use AI in ways that are lawful, ethical, and aligned with our organization’s values and contractual commitments.

We continuously challenge ourselves to improve our governance, accountability, and security in the use of AI. We monitor our performance and evaluate outcomes to ensure progress towards our objectives and compliance with relevant standards. Everyone at Sound of Data is responsible for using AI tools and systems responsibly, following the internal guidelines established under our integrated management system (IMS).

Teamwork, engagement, ownership, and support from everyone in the organization are critical to achieving our AI governance goals. We are committed to providing the necessary leadership and resources to enable Sound of Data to continuously improve, review, and communicate its approach to AI across the business and its stakeholders.

We are committed to achieving the highest standards for the use of Artificial Intelligence across our products and services. To this end, we have implemented an integrated management system that covers AI governance, data protection, information security, and quality. This system is fully aligned with ISO standards and applies to the entire organization. It is verified annually by external certification bodies.

• We ensure that appropriate and effective controls are in place to prevent unlawful, biased, or unauthorized use of AI systems, as well as to safeguard the confidentiality, integrity, and availability of the data they process.

• We ensure that AI systems are developed, procured, and operated in a transparent, explainable, and secure manner. Where relevant, we will make sure that individuals are aware of and understand the role of AI in our services, particularly when it influences decisions that affect them.

• We only collect, process, and use data necessary to fulfill the specified purposes of AI systems. We will not retain data, model outputs, or derived information beyond what is necessary for those purposes. All processing is performed in line with the principles of data minimization and lawful use as set out in our Data Protection Policy.

• We recognize that we are responsible for the AI systems under our control. To ensure compliance with these principles and all applicable laws and regulations, we have designated individuals within our governance structure to oversee AI risk management, transparency, and compliance.

• We only use AI systems in accordance with laws and regulations, and within the limits of the purposes specified in our privacy, information security, and quality policies. Additionally, we adhere to the requirements outlined in our contracts with customers and suppliers, ensuring that AI is applied ethically, securely, and in line with Sound of Data’s values.