AI Standards

Flowstate exists to make businesses AI-native. That means AI is not a bolt-on for us. It is how we think, how we operate, and how we deliver results for our clients.

Being AI-first comes with a responsibility. If we are going to champion AI as the way forward for business, we need to use it well. That means using it safely, ethically, and with full transparency about how it works inside our own business.

This document sets out our AI policy and internal guardrails. It covers how we use AI, what tools we rely on, how we keep your data safe, and the standards we hold ourselves to. It is written for our clients, our partners, and our team.

We are unashamedly AI-first. Not because it is a trend, but because we believe it is the best way to get great outcomes for our clients. The goal has always been to free people to do the work that matters.

AI makes that possible.

1. Our AI-First Approach

What it means to operate as an AI-native business, and why we do it.

1.1 What AI-native means at Flowstate

AI-native means AI is embedded into how we work, not layered on top. Our team uses AI tools daily to assist with research, analysis, content, client work, internal operations, and decision-making. We do not use AI to replace human judgement. We use it to sharpen it.

1.2 Why we operate this way

We believe wasted human potential is one of the most costly problems in business today. Great people spend too much time on work that AI can handle. Our own operations reflect the same principle we bring to our clients: your best people should spend their time on the work only they can do.

1.3 Human oversight always applies

AI assists our team. It does not replace our accountability. Every piece of client-facing work, every recommendation, and every deliverable is reviewed, owned, and signed off by a human. AI accelerates the process. Humans own the outcome.

2. The Tools We Use

An overview of the AI platforms and tools that power our operations.

We use a range of AI tools across our business. These fall into three broad categories.

2.1 Large language models (LLMs)

We use leading large language models including Claude (Anthropic), ChatGPT (OpenAI), and Grok (xAI) to support reasoning, analysis, drafting, research, and a wide range of client and internal work. Each of these platforms is developed by organisations at the frontier of AI research, with enterprise-grade security programmes and published compliance credentials. These platforms are operated by US-based organisations. Data processed through them may be subject to US law and jurisdiction. We configure these platforms to opt out of model training on our data and our clients' data wherever that option is available. Enterprise data processing agreements (DPAs) with these providers are being progressively put in place; current status is tracked in Outstanding Confirmations at the end of this document.

2.2 Viktor — our internal AI agent and operations platform

Viktor is Flowstate's internal AI agent, operating within our Slack workspace. Viktor supports CRM-style functions, client communications, workflow coordination, internal operations, and day-to-day business management, acting as our system of record for operational workflows. Like every tool in our stack, Viktor is subject to the same data handling, access control, and ethical use principles that apply across our entire operation. Confirmation of any formal third-party security certification held by Viktor, or by the infrastructure it runs on, is in progress.

2.3 Native AI within our SaaS tools

Many of the software platforms we use day-to-day include AI assistants built directly into the product. We use these where they help our team work more effectively. Any AI capability we use, whether standalone or embedded in another product, is subject to the same data handling principles we apply across our entire operation.

2.4 How we evaluate every tool we use

We are selective. Every tool we add to our stack is evaluated against the following criteria before it is used in our business or recommended to a client.

  • Does it have a credible, independently verified security posture?
  • Does it have a clear and enforceable data retention and privacy policy?
  • Does it allow us to opt out of using our data to train its models?
  • Is it actively maintained by a responsible organisation with a track record of transparency?
  • Can we limit and control what data flows into it?

If a tool cannot satisfy these criteria, we do not use it. This applies to tools we use internally and tools we recommend to clients. A current register of approved AI tools is maintained internally and is available to clients on request.

3. Security and Compliance

The certifications and standards that underpin how we handle data.

The platforms we use hold independent, third-party verified security certifications. These are not self-assessments. They are formal audits conducted by qualified external parties against internationally recognised standards.

- SOC 2 Type II: Continuous security controls, independently audited
- ISO 27001:2022: International information security management standard
- ISO/IEC 42001:2023: AI management system certification

SOC 2 Type II is worth explaining in plain terms. It is not a one-time tick. It requires an independent auditor to verify that security controls are not just in place, but operating effectively over an extended period of time, typically six to twelve months of continuous monitoring. The platforms we rely on hold this certification. That matters. Which specific certification applies to which named platform is being confirmed; until that is done, certifications are not attributed to individual platforms. Status is tracked in Outstanding Confirmations.

3.1 Encryption

All data that passes through the tools we use is encrypted. In transit, that means TLS 1.2 or higher on every network request. At rest, that means AES-256 encryption. These are the industry benchmarks for secure data handling.

3.2 No training on our data

We configure the platforms we use to ensure our data, and our clients' data, is not used to train AI models. For enterprise and API-level configurations, this is the default position of the major platforms we work with. Where additional agreements are available to reinforce this, we put them in place.

3.3 Access controls

Access to data within our platforms is limited to team members who need it to do their work. Staff at the platforms we use cannot access our conversations or data by default. Our own internal access is managed on the same basis: minimum necessary access, clearly defined.

3.4 AI integrations and connected systems

Our team uses integrations that allow AI tools to connect with other business systems, such as project management, communication, and document platforms. When these integrations are active, data from connected systems is accessed only for the purpose of completing the task at hand. The same data minimisation principles apply.

Our team is trained to connect only what is necessary, and to understand what data is in scope when an integration is in use. Client-sensitive data is not passed through integrations unless the data agreement covering that platform has been confirmed.

3.5 Cross-border data transfers and GDPR

Flowstate is an Australian business and our primary compliance obligations are under Australian law. Some of the AI platforms and tools we use are operated by organisations based in the United States or other jurisdictions. When data is processed by these platforms, it may be transferred internationally.

We manage this by ensuring all platforms we use have published privacy policies and data processing terms that meet or exceed Australian Privacy Principle (APP) 8 requirements for cross-border disclosures, and by not passing sensitive client data through platforms that cannot demonstrate adequate data protection.

For clients operating under the EU General Data Protection Regulation (GDPR), Flowstate applies additional protections in line with GDPR requirements. This includes:

  • Entering into Data Processing Agreements (DPAs) with affected clients where required.
  • Ensuring personal data belonging to EU-based data subjects is only transferred to platforms with adequate safeguards in place, such as Standard Contractual Clauses (SCCs) or equivalent mechanisms.
  • Honouring data subject rights including the right of access, rectification, erasure, and portability, in line with GDPR obligations.
  • Notifying affected clients without undue delay in the event of a personal data breach involving EU data subjects, in accordance with GDPR Articles 33 and 34.

DPAs with current GDPR-affected clients are being progressed on a rolling basis. Full confirmation of coverage, and legal verification that our cross-border transfer mechanisms are adequate for each relevant jurisdiction, is tracked in Outstanding Confirmations.

4. Data Handling

How we manage data across all tools, platforms, and engagements.

4.1 Data classification

Not all data is equal. We apply a simple classification framework to guide how data is handled across our operations.

  • Public: Information that is publicly available or approved for public use. Standard handling applies.
  • Business Confidential: Client business information, strategy, and commercial data shared during engagements. Limited to team members working on that engagement.
  • Personal Information (PII): Any information that identifies or could identify an individual. Handled under our Privacy Act and GDPR obligations and processed only within platforms with appropriate data agreements in place.
  • Sensitive or Regulated: Financial data, health information, legal documents, or data subject to specific regulatory requirements — including data encountered across our retail, automotive, health, finance, and property client base. Elevated handling standards apply and must be approved before being passed through any AI tool.

4.2 Our principles

  • Minimum necessary data: we only collect and store what we need to do the work.
  • Separation of client data: client data is not commingled across engagements.
  • Retention limits: we do not hold data longer than required. When an engagement ends, we follow defined offboarding steps to close access and archive or delete data appropriately.
  • Prompt discipline: our team is trained on what is and is not appropriate to include in AI prompts. Sensitive or confidential information is handled only within platforms where appropriate data agreements are in place.

4.3 Privacy and compliance

Flowstate operates in Australia and complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This governs how we collect, use, disclose, and store personal information.

In the normal course of business, we may collect contact information, business information shared during client engagements, and usage information from our website and digital tools. We do not sell personal information. We do not share it with third parties for marketing purposes.

You have the right to request access to the personal information we hold about you, to correct inaccurate information, and to ask us to delete it where there is no legal reason for us to retain it. Contact us at hello@flowstateai.com.au to make a request.

4.4 Australian Spam Act compliance

As a lifecycle and email marketing agency, Flowstate's work directly intersects with the Australian Spam Act 2003 (Cth). AI plays a role in how we draft, optimise, and in some cases automate email communications on behalf of clients.

Our commitments under the Spam Act are non-negotiable:

  • AI is never used to send commercial electronic messages without a valid consent basis.
  • Unsubscribe mechanisms are always present, functional, and honoured within five business days as required by law.
  • AI does not override or bypass consent signals, suppression lists, or opt-out records under any circumstances.
  • Sender identity is always accurate. We do not use AI to generate deceptive sender names, reply-to addresses, or subject lines that misrepresent the origin or content of a message.
  • AI-assisted segmentation and audience targeting decisions are reviewed by a human team member before deployment.

Alignment between these commitments and our day-to-day email production SOPs is checked as part of our quarterly spot-check (section 7.3).

5. Intellectual Property

Who owns AI-assisted work and how we handle it.

5.1 Ownership of deliverables

All work delivered to clients by Flowstate, including work produced with AI assistance, is delivered under the terms of the relevant client agreement. Unless otherwise specified in writing, intellectual property in deliverables passes to the client upon full payment.

AI tools used in the production of that work do not acquire rights in the output. The legal position on AI-generated content continues to evolve in Australia and internationally. Flowstate monitors this and will update its position as the law develops.

5.2 Flowstate IP and tools

AI-assisted tools, systems, frameworks, and internal processes developed by Flowstate remain the intellectual property of Flowstate. This includes proprietary workflows, prompt libraries, automation configurations, and operational systems built for internal use or reused across client engagements.

5.3 What AI involvement means at Flowstate

At Flowstate, AI works alongside our team to extend our capacity, speed, and quality across the workflow. We build and use AI-assisted tools, systems, and frameworks to support the brands we work with, and we continually refine these against our own performance benchmarks.

AI is a collaborator in our process. It does not replace human ownership of the work, and final accountability for every deliverable sits with a named member of our team.

When AI plays a material role in the work we deliver, we are transparent about that with clients. We do not present AI-generated work as entirely human-authored where the distinction is relevant. ‘Material’ means AI contributed substantively to the strategy, structure, or content of a deliverable, not incidental use such as a single AI-assisted subject line variant within an otherwise human-led campaign. This threshold is applied consistently by the team and documented in the Staff AI SOP.

6. Ethical Use of AI

6.1 Our commitment

We believe AI should be used to create better outcomes for people, not to exploit, manipulate, or deceive. As a business that advocates for AI adoption, we hold ourselves to a higher standard than most. Our credibility depends on it.

6.2 What we will not do

  • We will not use AI to generate misleading or deceptive content, including deceptive subject lines, false sender identity, or manipulative messaging.
  • We will not use AI to automate decisions that affect people without human review.
  • We will not use AI to scrape, harvest, or misuse personal data.
  • We will not present AI-generated work as entirely human-authored where that distinction matters.
  • We will not recommend AI tools to clients that we would not use ourselves.
  • We will not use AI to override, suppress, or work around a recipient's unsubscribe or consent preferences.
  • We will not allow AI to make final send decisions on commercial communications without human sign-off.

6.3 Bias and fairness

AI models can reflect biases present in the data they were trained on. We take this seriously, particularly in the context of personalisation, audience segmentation, and content generation across diverse customer bases.

Our team is trained to review AI outputs with a critical eye for content that could be discriminatory, stereotypical, or unfair. Before AI-assisted segmentation, targeting, or personalisation logic is applied, a human team member reviews the underlying logic and output. This review is recorded and checked as part of our quarterly spot-check (section 7.3).

6.4 Accuracy and limitations

AI outputs are not infallible. Large language models can produce confident-sounding content that is factually incorrect, outdated, or unsuitable for a specific context. This is a known characteristic of current AI technology.

Flowstate's position is that AI output is always a draft, not a final product. Every AI-generated output is reviewed by a qualified team member before it reaches a client or goes live. We do not warrant that AI tools will produce error-free results, but we do warrant that our review processes are designed to catch and correct errors before they cause harm.

6.5 Staying current

The AI landscape moves fast. Our internal standards evolve with it. We review our tool stack, our data practices, and this policy on a regular basis to ensure we remain aligned with current best practice, emerging regulation, and the expectations of the clients we serve.

7. Governance

How this policy is owned, maintained, and enforced.

7.1 Policy ownership

This policy is owned and approved by Simon Chin, CEO. The policy owner is responsible for:

  • Keeping this document current and accurate.
  • Ensuring the team is trained and compliant.
  • Reviewing the policy at minimum every six months or following any material change to tools, operations, or regulation.
  • Escalating any material compliance concern appropriately.

7.2 Team and contractor obligations

This policy applies to all Flowstate team members, including permanent employees and contractors. All personnel are required to:

  • Read and acknowledge this policy upon joining Flowstate or upon engagement as a contractor.
  • Complete AI literacy and responsible use training before using AI tools as part of their role.
  • Comply with the data handling, prompt discipline, and ethical use standards set out here.
  • Raise any concern, potential breach, or uncertainty with their manager or the policy owner immediately.

Contractor agreement templates are being updated to explicitly reference this policy by name and bind contractors to its terms. This is being progressed with our legal adviser; current status is tracked in Outstanding Confirmations.

7.3 AI usage auditing

Flowstate maintains a structured, lightweight approach to monitoring how AI tools are used across the team. The process is as follows:

  • Step 1 — Approved Tool Register: The policy owner maintains a current written register of all approved AI tools. No team member may use an AI tool not on this register for any client-facing or business-critical work without prior approval.
  • Step 2 — New Tool Request: Any team member who wants to use a new AI tool must submit a written request to the policy owner before use. The request is evaluated against the criteria in section 2.4. Approval or rejection is confirmed in writing and the register is updated accordingly.
  • Step 3 — Monthly Team Check-in: AI tool usage is a standing agenda item in the monthly team meeting. Team members raise any new tools used, concerns encountered, or issues to be flagged. This keeps the team aligned and surfaces emerging risks early.
  • Step 4 — Quarterly Spot-Check: Each quarter, the policy owner reviews a sample of AI-assisted deliverables to confirm that review standards, data handling practices, and output quality are being maintained in line with this policy.
  • Step 5 — Incident Log: Any AI-related incident, near-miss, or concern is logged by the policy owner at the time it occurs and reviewed quarterly. This log is used to identify patterns and drive improvements to controls and training.
  • Step 6 — Annual Policy Review: The full policy and tool stack are reviewed annually (or sooner if material changes occur) against current best practice, regulation, and Flowstate's evolving operations.

8. Internal Guardrails

How we govern AI use inside our own team.

8.1 Team training

Every Flowstate team member and contractor is trained on responsible AI use before they use AI tools as part of their role. Training covers data hygiene, appropriate use cases, prompt discipline, and the limits of AI outputs. We treat AI literacy as a core professional standard, not an optional extra.

Completion of this training is logged through a written acknowledgement, signed by each team member and contractor when training is completed, and held on file by the policy owner.

8.2 Output review

AI-generated content and outputs are always reviewed by a human before they are delivered to a client or published publicly. AI is used to assist and accelerate. The person who sends the work owns it.

8.3 Prompt discipline

Our team is trained to treat prompts as inputs that reach external systems. We apply structured prompting practices and maintain shared guidance that helps our team get consistent, high-quality results while keeping data handling appropriate at every step.

8.4 Client notification

When AI plays a material role in the work we deliver, this is disclosed to the client through a standing clause in the Statement of Work (SOW) at the start of the engagement, covering AI-assisted work for the duration of that engagement.

8.5 Tool changes

When Flowstate makes a material change to its AI tool stack, for example changing the primary LLM used in client work or replacing a core platform, affected clients will be notified in writing in advance of the change taking effect. The specific notice period is being finalised; see Outstanding Confirmations.

8.6 Incident response

If a team member identifies a data handling issue, a security concern, or an ethical breach related to AI use, they are expected to raise it immediately with Simon Chin, CEO.

Flowstate will:

  • Investigate the incident within 48 hours of it being raised.
  • Contain any ongoing risk as the first priority.
  • Notify affected clients promptly if their data or work is involved.
  • Where required under the Privacy Act 1988 Notifiable Data Breaches (NDB) scheme, notify the Office of the Australian Information Commissioner (OAIC) and affected individuals within 30 days of becoming aware of an eligible data breach.
  • Where GDPR-affected clients or data subjects are involved, notify the relevant supervisory authority within 72 hours as required under GDPR Article 33.
  • Document the incident, its cause, and the corrective action taken. This record is stored in the AI Incident Log maintained by the policy owner.

Alignment of these timelines with our professional indemnity and cyber insurance obligations is tracked in Outstanding Confirmations.

9. Contact and Updates

This policy is reviewed at minimum every six months, or sooner if there are material changes to our tools, operations, or the regulatory environment.

If you have questions about this policy, how we use AI, or how we handle your data, please contact us:

A final word

We are not AI-first because it is fashionable. We are AI-first because we have seen what it does when it is used well. It gives people their time back. It makes businesses more capable. It creates space for the work that actually matters. That is what we are here to do, and this policy reflects how seriously we take the responsibility that comes with it.