v1.1 · Effective 10 May 2026
This document outlines how Vantage (“Vantage”) deploys, manages, and continuously refines automated systems on behalf of clients. It is intended for clients, prospects, regulators, and the public.
Vantage is currently a brand operated by its founders Ivan Kruger and [redacted] in personal capacity, pending incorporation of a dedicated legal entity. The operational commitments in this policy apply during the pre-registration period and will transfer in full to the registered entity upon incorporation.
Vantage operates automated systems as a service. Our clients are owner-operated service businesses who delegate part of their revenue operations to us. They rely on us to use these systems responsibly, to be honest about their limits, to fail safely, and to improve continuously.
This policy applies to all automated systems Vantage builds, deploys, or operates for clients; systems Vantage runs internally; data flowing through these systems; and all Vantage personnel and contractors. It is consistent with the DIFC Data Protection Law 2020 (DPL 2020) and applicable UAE Federal Personal Data Protection Law obligations. Upon incorporation in DIFC (where applicable), this policy will additionally adopt the operational compliance regime for autonomous systems then in force.
We disclose to every client which models we use, what data is processed, and what decisions are made by automated systems. Our clients always retain the right to override any automated decision.
Every Vantage system has a designated human owner. Errors, escalations, and edge cases route to humans within 4 business hours during operating hours.
We deploy automated systems incrementally. Every new system passes a synthetic evaluation set before any live cutover. Every system has an off switch operable within minutes by Vantage staff.
Personal data flowing through Vantage systems is encrypted in transit and at rest. We collect the minimum data needed, retain it only for the contracted period, and delete or return it on client instruction.
Every Vantage system maintains its own feedback loop. Performance is measured weekly. Failures inform the next training set. Fixes propagate across the cohort with anonymisation.
Our automated systems may identify as a Vantage-managed assistant when asked. We do not deny that automation is in use. We do not impersonate specific named individuals.
Vantage has a designated Autonomous Systems Owner who maintains the inventory of automated systems, classifies their risk, coordinates incident response, reports to applicable regulators where required, and reviews this policy annually. Upon DIFC incorporation, this role becomes the formal Autonomous Systems Officer (ASO) under the regime in force at that time.
Current Autonomous Systems Owner: Ivan Kruger, Founder (ivan@wearevantage.ai).
Every Vantage system is classified into one of three tiers:
Tier 3 systems require additional controls: stricter eval thresholds, more frequent human review, faster incident response.
Before any new Vantage system goes live for a client:
After live cutover: nightly synthetic eval runs with regression alerts; weekly human spot-check on real conversations; monthly review of any complaints, errors, or edge cases.
A Personal Data Breach or material system malfunction triggers Vantage’s incident response: detect and contain, notify affected clients within 72 hours, notify the applicable regulator within 72 hours where required, document the incident, implement corrective action, update the system inventory.
Anthropic Claude (primary conversation generation), Google Cloud / Vertex AI (embeddings, audit, support), and OpenAI (limited use).
Vantage does not transmit client conversation data to provider model-training pipelines. Where providers offer “do not train” guarantees (Anthropic, OpenAI Enterprise), we use those tiers exclusively for client data.
Where a client asks “is this automated?” our systems will confirm so. Where a client requires the system to identify itself proactively, we configure that per engagement.
Vantage clients have the right to pause or stop their automated system at any time, request review of any specific conversation or decision, audit the system inventory and risk classification for their engagement, request data export or deletion under DPL 2020 and Federal PDPL, and review and approve material changes to their system before deployment.
For data-subject rights requests under DPL 2020, contact the Autonomous Systems Owner at the same details.