AI & Model Use Policy
Last updated: 2026-06-25
This Policy explains how Karta handles AI model access, Inputs, Outputs, Agent Actions, Model Provider terms, AI-specific risk, and the handling of data associated with AI processing. It supplements and is incorporated into the Karta Terms of Service ("Terms") and works together with the Privacy Policy, Data Processing Addendum ("DPA"), Acceptable Use Policy ("AUP"), and Refund & Billing Policy.
Capitalized terms used but not defined in this Policy have the meaning given in the Terms. This Policy does not grant Customer any rights, warranties, service levels, or remedies beyond those in the Terms, and does not expand, narrow, or supersede the warranty disclaimers, limitations of liability, or indemnification provisions of the Terms. If this Policy conflicts with the Terms, the Terms control unless the Terms state otherwise.
1. Covered AI Capabilities
This Policy applies to:
- hosted Agents and Releases;
- Karta-managed model access metered against Credits;
- BYOK model access using Customer-supplied Model Provider keys;
- Agent Actions, tool calls, MCP servers, connectors, and external APIs;
- hosted chat, embeddable chat, APIs, and streaming responses; and
- AI-generated Outputs, generated code, and workspace artifacts.
2. No Training by Karta
Karta does not use Customer Content or End-User Data to train, fine-tune, or improve Karta or third-party AI models unless Customer expressly opts in.
Karta may collect and use Operational Metadata to provide, secure, debug, meter, monitor, audit, troubleshoot, and improve the Services and to enforce the Terms and policies. "Operational Metadata" means usage, diagnostic, billing, and telemetry information generated through use of the Services, such as token counts, model and provider identifiers, routing decisions, latency, error rates, spend, fair-use and cap signals, and usage events. Operational Metadata does not include the substantive content of Inputs or Outputs, and Karta does not use the substantive content of Inputs or Outputs for model training.
Karta may also create and use aggregated and de-identified data derived from use of the Services for any lawful business purpose, including analytics, reporting, capacity planning, security, and improving the Services, provided that such data is maintained in a form that does not identify Customer, any Authorized User, or any end user and is not used to train AI models on Customer Content or End-User Data. Aggregated and de-identified data is not Customer Content or End-User Data. Karta will take reasonable measures to ensure such data cannot be associated with an identified or identifiable individual, will maintain and use it only in de-identified form, will not attempt to re-identify it, and will contractually obligate any recipient of such data to maintain it in de-identified form and not to re-identify it. Karta's rights under this paragraph and Karta's right to use Operational Metadata survive any expiration or termination of the Terms.
This Section does not restrict any Model Provider's own use of data, which for Karta-managed access is governed by the applicable Model Provider terms and, for Karta Subprocessors, by Karta's contracts with those providers, and which for BYOK access is governed by Customer's own agreement with its provider.
3. Karta-Managed Model Access
In Karta-managed mode, Karta contracts with one or more Model Providers and routes Inputs and Outputs to a provider to perform inference, and meters that usage against Credits. The Model Provider(s) Karta currently uses for Karta-managed inference are identified as Subprocessors in the Sub-processor List, and any Model Provider Karta adds for Karta-managed inference will be reflected in the Sub-processor List in accordance with the change process in the DPA and Sub-processor List.
Customer and its end users must comply with the applicable Model Provider terms, usage policies, safety policies, supported-region rules, model licenses, rate limits, and other restrictions. These upstream requirements are incorporated by reference, and a violation of an applicable Model Provider policy is also a violation of the Terms and the AUP. Customer must flow down equivalent obligations to its Authorized Users and end users and is responsible for their compliance.
Karta may, in its discretion and without liability, add, change, deprecate, route among, or remove available models, providers, rates, regions, routing, safety controls, content filters, and other configuration as providers change their offerings, terms, prices, availability, or safety requirements, or as Karta deems appropriate to operate the Services, comply with law, or meet upstream-provider obligations. Karta may apply its own safety controls in addition to those of any Model Provider, including blocking or modifying Inputs or Outputs.
4. BYOK Model Access
In BYOK mode, Customer supplies a Model Provider key, contracts with the provider, and pays the provider directly. Customer represents that it is authorized to use the key and the associated provider account and that its use complies with the provider's terms. Karta stores BYOK keys using encryption designed to protect them at rest and decrypts them only as needed to serve a request; this describes Karta's design and is not a guarantee, and the security provisions and disclaimers of the Terms apply.
Customer is solely responsible for the provisioning, scoping, security, and rotation of its BYOK keys, and bears all consequences of any compromise, leakage, or misuse of those keys, including all third-party charges, provider actions, and other losses arising from such compromise. Customer must notify Karta promptly upon learning of any actual or suspected compromise of a BYOK key and must promptly rotate or revoke the affected key. Customer's indemnification obligations in the Terms apply to claims arising from a BYOK key compromise or misuse.
For BYOK traffic:
- the Model Provider is Customer's provider, not Karta's Subprocessor;
- Customer's provider agreement governs provider data handling, retention, training, security, pricing, and availability;
- Customer is solely responsible for provider terms, keys, quotas, billing, disputes, taxes, and compliance, and BYOK usage is outside the Credits prepaid guarantee and billed directly by the provider;
- Karta's rate card, if shown, may be used only to estimate usage against plan or fair-use ceilings and is not a price quoted or charged by the provider; and
- Karta is not responsible or liable for any BYOK provider act, omission, outage, suspension, rate limit, policy action, data-handling practice, security incident, or charge.
5. Third-Party Tools and Agent Actions
Customer controls what tools, connectors, MCP servers, APIs, accounts, credentials, and external systems an Agent can access. When Customer configures an Agent to use a third party, Customer instructs and authorizes Karta to transmit the relevant data to that third party, and that data leaves Karta's control once delivered. Such third parties are not Karta Subprocessors, and their handling of data is governed by Customer's agreements with them.
Karta does not control, endorse, or assume responsibility for third-party tools, connectors, MCP servers, or external systems, or for any Agent Action taken under Customer's configuration, including actions taken autonomously by an Agent. Customer is responsible for authorization, lawful basis, notices, consents, scope of access, least-privilege credentials, guardrails, human review, prompt-injection and tool-misuse resistance, output and action validation, and all downstream effects. An Agent Action is attributable to the Customer that configured and deployed the Agent, and Customer's indemnification obligations in the Terms apply to claims arising from any Agent Action or from Customer's use of third-party tools, connectors, MCP servers, or external systems.
6. Output Limitations and No Reliance
Outputs and Agent Actions are probabilistic and may be inaccurate, incomplete, misleading, outdated, biased, offensive, unsafe, non-unique, or legally unprotectable, and may be similar or identical to outputs generated for others. Karta does not warrant that Outputs are accurate, current, complete, fit for any purpose, or non-infringing, and the "as is" and "as available" disclaimers in the Terms apply in full.
Customer is responsible for reviewing and validating Outputs and Agent Actions before relying on them, acting on them, or exposing them to end users, including determining where human review is appropriate. Customer must not rely on Outputs as a substitute for independent verification, and Customer must notify its end users that Outputs may be incorrect and should not be relied upon without independently checking their accuracy. Customer's failure to provide such notice is a breach of this Policy and the Terms. Customer assumes all risk arising from use of, reliance on, or distribution of Outputs and from Agent Actions, and Customer's indemnification obligations in the Terms apply to claims arising from such use, reliance, distribution, or Agent Actions, including any failure to provide the notice required by this Section.
Generated code may contain bugs, security vulnerabilities, insecure patterns, third-party or open-source license obligations, or infringing material. Customer is responsible for reviewing, testing, securing, and licensing generated code before use and remains responsible for any code it deploys.
Outputs and Agent Actions are not, and must not be presented or relied upon as, legal, medical, financial, tax, accounting, compliance, safety, or other professional or regulated advice. Karta is not a licensed provider in any regulated field and does not provide professional services through the Services.
7. Ownership
Ownership of Inputs and Outputs is governed by the Terms. As between Karta and Customer, Customer retains its rights in Inputs and, to the extent Karta has any right in Outputs generated through Karta-managed model access, Karta assigns that right to Customer, subject to applicable law and Model Provider terms.
This ownership allocation does not guarantee copyrightability, originality, validity, non-infringement, exclusivity, or freedom from third-party rights, and Customer is responsible for confirming that its use of Outputs does not infringe or misappropriate the rights of others.
Notwithstanding the foregoing, Customer grants Karta a non-exclusive, worldwide, royalty-free license to process, host, transmit, and otherwise use Inputs and Outputs as necessary to provide, secure, debug, meter, and operate the Services, to comply with law, and to meet upstream Model Provider obligations, and Karta retains all rights in its own platform, software, models, and Operational Metadata. Karta's rights in aggregated and de-identified data are as stated in Section 2.
8. High-Risk Uses
Customer may not use the Services to make, support, or substantially automate decisions or determinations that have legal or similarly significant effects on people without qualified, meaningful human review and all legally required safeguards. Sensitive and high-risk domains include legal, healthcare, mental health, financial services, credit, insurance, employment, housing, education and admissions, public benefits, law enforcement and criminal justice, critical infrastructure, and migration or border control.
Customer must disclose AI interaction to end users where required by law or where nondisclosure would mislead a reasonable person, at a minimum at the start of each session. Karta may, but is not obligated to, surface AI-interaction disclosures; Customer's disclosure obligation is not satisfied by any Karta-provided notice, and Customer remains solely responsible for compliance. Customer is solely responsible for determining whether its use case is high-risk and for implementing the required safeguards, disclosures, human review, and compliance measures, and Customer's indemnification obligations in the Terms apply to claims arising from its high-risk uses or from any failure to disclose AI interaction.
9. Safety Enforcement
Karta may use automated and manual methods to detect, investigate, and respond to abuse, policy violations, security threats, and harmful use. Karta may block, filter, or modify Inputs or Outputs, throttle traffic, disable tools or connectors, suspend or terminate Agents, Releases, sessions, keys, end-user access paths, or accounts, preserve evidence, notify Model Providers, and report to authorities where legally required or permitted. Karta may act immediately and without prior notice for emergencies, child-safety issues, active abuse, security threats, legal risk, upstream-provider violations, or imminent harm. To the maximum extent permitted by law, Karta is not liable for action reasonably taken under this Section, and in all events Karta's liability for any such action is governed by, and subject to the limitations and exclusions of, the Terms.
10. Data Handling, Location, and Retention
Data associated with AI processing is handled across Karta's two-plane architecture. Control-plane data (such as account, organization, billing, and audit-log records) and data-plane data (such as agent session compute, durable workspace and merge-store artifacts, and session and hosted-chat transcripts) are processed and stored in the locations, and may be transferred subject to the cross-border transfer mechanisms, described in the Privacy Policy, the DPA, and the Sub-processor List. Where Karta processes Customer Personal Data or End-User Data as a processor, international transfers are governed by the transfer mechanisms set out in the DPA.
Retention and deletion of Inputs, Outputs, transcripts, workspace and merge-store artifacts, and related data are governed by the Privacy Policy and the DPA. Customer is responsible for configuring its Agents and using available controls consistent with its own retention and deletion obligations to its end users. This Section is a summary and pointer only; the Privacy Policy, the DPA, and the Sub-processor List control as to data location, transfer mechanisms, retention, and deletion.
11. Prohibited Data and Compliance Representations
The Services are intended for business and developer use and are not designed for, and must not be used to process, regulated or sensitive categories of data unless Karta expressly agrees in writing to support that data. Customer must not submit to the Services protected health information, payment-card or other PCI-regulated data, Social Security numbers or other government-issued identifiers, financial-account information regulated under the Gramm-Leach-Bliley Act, or other data subject to heightened legal or regulatory requirements, except where Karta has expressly agreed in writing. This restriction supplements, and does not limit, the Prohibited Data and related provisions of the AUP and DPA, which also apply.
Except as expressly stated in writing by Karta, Karta makes no representation, warranty, or certification of compliance with any particular law, standard, or framework, and the following do not apply unless separately agreed in writing: Karta is not currently SOC 2 certified; Karta is not certified under the EU-U.S. Data Privacy Framework; and Karta does not provide a HIPAA Business Associate Agreement or act as a business associate. Karta's security controls are designed to protect data as described in the Terms and the DPA but are provided without guarantee, and the security disclaimers in the Terms apply in full.
12. Export Control and Sanctions
Customer represents and warrants that it and its Authorized Users will comply with all applicable export-control, trade-sanctions, and import laws, including those administered by the U.S. Office of Foreign Assets Control (OFAC) and the U.S. Department of Commerce. Customer will not use, export, re-export, or make the Services available, directly or indirectly, to any embargoed or sanctioned country, region, or party, or for any prohibited end use, and represents that neither Customer nor any Authorized User is a restricted, denied, or sanctioned party. Customer's indemnification obligations in the Terms apply to claims arising from any breach of this Section.
13. Relationship to Other Terms; General
The AUP governs prohibited content and conduct. The DPA governs Customer Personal Data and End-User Data processed by Karta as processor. The Privacy Policy governs data for which Karta is a controller. The Refund & Billing Policy governs Credits and BYOK billing allocation. The Sub-processor List identifies Karta's Subprocessors. In the event of a conflict, the order of precedence is: (a) the Terms; (b) the DPA, as to the processing of Customer Personal Data and End-User Data; (c) this Policy; and (d) the AUP, Privacy Policy, Refund & Billing Policy, and Sub-processor List, except that each of those documents controls as to the subject matter it specifically governs.
This Policy does not create any third-party beneficiary rights. No end user, Authorized User, Model Provider, or other third party is a beneficiary of, or may enforce, this Policy. If any provision of this Policy is held unenforceable, that provision will be limited or severed to the minimum extent necessary and the remaining provisions will remain in full force and effect. Sections 2 (No Training by Karta; Operational Metadata and de-identified data), 4 (BYOK responsibility and indemnity), 5 (Agent Action attribution and indemnity), 6 (Output Limitations and indemnity), 7 (Ownership and reserved license), 11 (Prohibited Data and Compliance Representations), and 12 (Export Control and Sanctions), together with any accrued indemnification obligations, survive expiration or termination of the Terms.
14. Changes
Karta may update this Policy as AI capabilities, models, providers, risks, laws, and upstream-provider policies change. Material changes will be communicated as described in the Terms, except that changes required by law, security, or upstream-provider requirements may take effect sooner. Continued use after the effective date constitutes acceptance.