AI principles.
How Message.com builds and runs AI. Grounded in your knowledge base. Self-hosted on our own GPUs. Never trained on your data. Override-by-default. Turn-offable per channel.
01Grounding over guessing
Our AI is not allowed to make things up. Every answer the AI gives an end user is grounded in the customer's own knowledge base through retrieval-augmented generation (RAG). If the answer is not in the knowledge base, the AI says so and routes to a human. The model is not configured to backfill with plausible-sounding guesses.
We use semantic search over the customer's own content (their site, their docs, their imported PDFs, their previously resolved conversations). The retrieval step is logged, the chunks that were used are kept with the response, and the response is rejected at generation time if it lacks support.
02Self-hosted by default
The real-time AI in our chat, ticket, and phone surfaces runs on GPU hardware we own and operate. Customer conversations are not sent to OpenAI, Anthropic, Google, or any other third-party LLM API for inference on these surfaces.
We use external APIs only for non-real-time or non-user-facing tasks (batch knowledge-base writing, internal tooling), and only when the workload is suitable for that exposure. Where we do use an external provider, it is named in the sub-processors list.
03No training on customer data
We do not train, fine-tune, or otherwise improve any model on your customer conversations, your knowledge base content, your tickets, your call transcripts, or anything else you store with us. Your data trains nothing.
We train evaluation harnesses (held-out QA sets, regression suites) only on synthetic data or on data we have explicit, written authorization to use, and we never co-mingle one customer's data with another's. This is contractual in the Data Processing Addendum.
04Explainability
Every AI response, in chat or in a ticket draft, ships with the source it pulled from. End users see a "based on" link to the underlying KB article when one is appropriate; agents see the full retrieval result inside the inbox, including the chunk text and the article URL.
When the AI declines to answer, it explains why (low retrieval confidence, off-topic, blocked category). Customers can configure the level of explanation that surfaces to end users; the audit log always retains the full reasoning trace.
05Override-by-default
Every AI action is reviewable, editable, and reversible by a human agent. Drafts are drafts: an agent has to send. Sends to end users are reversible within the audit log retention window. Tags, classifications, and routing decisions can all be overridden manually.
There is no AI action in the product that bypasses the agent. The AI is configured as an assistant first; full autopilot is a feature you turn on per channel, never the default.
06Bias monitoring
We maintain held-out test sets that cover demographic variation, regional dialects, language and code-mixed inputs, and a sample of historical conversations across customer types. Every release of a model or a prompt is evaluated against these sets for refusal rate, citation accuracy, sentiment, and disparate handling across groups.
We publish the methodology and the headline results in our AI report. When a regression is detected, the release is held until the regression is understood and either fixed or documented as an acceptable tradeoff.
07Safety filters
The AI refuses to generate hate speech, sexual content, harassment, content sexualising minors, instructions for violence or weapons of mass destruction, and self-harm content. Refusals are explicit and routed to a human. Refusals are logged so that customers can audit them.
Self-harm and crisis content trigger an additional behavior: the AI returns a brief, calm message pointing to appropriate local resources (where configured) and immediately escalates to a human. The AI is not a crisis counsellor and is never positioned as one.
08Voice cloning consent
Voice cloning is a free feature of our phone product. A 15-second sample is enough to clone a brand voice for receptionist and wait-time concierge use. We require explicit, attested authorization from the brand owner whose voice is being cloned, captured at the moment of upload, before a clone is created.
We never clone an end-user's voice, even with consent, and we never use a cloned voice to impersonate a specific individual outside of the brand-owner-authorized use case. Cloned voices are tied to the customer's workspace and are destroyed when the workspace is deleted.
09Sustainability
We measure the energy draw of our inference fleet and the embodied carbon of the hardware we run on. We publish a quarterly figure: kilowatt-hours consumed by inference, average watt-seconds per response, and the carbon intensity of the grids we pull from (today: California, Texas, Frankfurt, and our home labs).
We will be honest about the number. AI is not free of cost to the planet. The point of measuring it is to keep it small and to give customers a defensible footprint to share with their own ESG team.
10Open-weight preference
We prefer open-weight models with permissive licenses over closed-API providers for our customer-facing AI surfaces. Open weights mean we can host them ourselves, audit them, fine-tune them when policy demands it, and keep the inference cost predictable for the long term.
Today our primary chat, ticket, and phone AI runs on an open-weight model on GPU hardware we own, with no third-party LLM API in the inference path. We review our primary model at least once a year and remain on open-weight unless a non-open model offers a capability gap we cannot otherwise close.
11Customer control
Every AI feature is opt-in and configurable per workspace and per channel. You can disable AI for the chat channel, leave it on for tickets, and turn it off entirely for phone calls if that is what your customers expect. You can set keyword blocks, topic blocks, and language allowlists. You can require a human handoff for any AI conversation that crosses a threshold you define.
See the AI Code of Conduct for the rules that govern how the AI behaves inside those controls and the Data Processing Addendum for the contract that backs them.
Questions about how the AI works?
Email [email protected] or read the AI Code of Conduct. We are happy to walk security and procurement teams through the architecture in detail.
Start free trial →