AI Policy

Assembly AI Privacy Policy & Data Handling

Last updated: 05/02/2026

This page explains how Assembly handles workspace data when you use Assembly's AI capabilities. It is a companion to the Assembly Privacy Policy and the Assembly Terms, and it is referenced from Section 18 of the Privacy Policy. Where this page and the Privacy Policy say different things on the same topic, the Privacy Policy controls.

We will update this page as functionality changes. Changes that affect the Privacy Policy will be reflected there (as described in Section 20 of the Privacy Policy).

What this page covers

Assembly currently offers two AI capabilities. They have different data-handling models and are described separately below.

  • Assembly Assistant (Beta) — Assembly's in-product AI capability for tasks such as summarization, drafting, and similar features. For Assembly Assistant, OpenAI acts as Assembly's Service Provider under Assembly's contract. Assembly may engage additional AI Service Providers in the future and will update this page and its sub-processor list before doing so.
  • Third-Party AI Assistant Connections via MCP (Beta) — connections that a workspace administrator or teammate establishes from a third-party AI assistant (such as ChatGPT or Claude) to their workspace, using Assembly's Model Context Protocol ("MCP") server. For these connections, the third-party AI provider is an independent third party that the customer has chosen — not Assembly's Service Provider.

Both capabilities are currently in beta. Functionality, data flows, and configuration may change.

What Assembly does not do — for either capability

For both Assembly's in-product AI features (Assembly Assistant and any additional AI features Assembly launches) and MCP connections, Assembly does not:

  • Use prompts, inputs, outputs, tool calls, or tool responses to train, fine-tune, or improve any AI model — whether Assembly's, OpenAI's, or any third-party AI provider's;
  • Sell, or "share" (as that term is used under the California Privacy Rights Act, including for cross-context behavioral advertising), any data processed through these capabilities;
  • Use this data for advertising, marketing, or any purpose other than operating, securing, and debugging Assembly;
  • Write the content of tool results to plaintext service logs.

Part 1 — Assembly Assistant (Beta)

How it works

When you use Assembly Assistant, Assembly sends the prompt and the workspace data needed to answer it (for example, the message thread you asked to summarize) to OpenAI. OpenAI generates the response and returns it to Assembly, which surfaces it back to you in the Assistant.

OpenAI as Service Provider

OpenAI processes data for Assembly Assistant as Assembly's Service Provider, under Assembly's contract and data-processing agreement with OpenAI. That contract commits both Assembly and OpenAI not to use Assembly Assistant inputs or outputs to train AI models.

What Assembly does with this data

  • Sends the prompt and the relevant workspace data to OpenAI to generate the response;
  • Returns the response to the User who requested it;
  • Records minimal operational telemetry (request metadata, latency, error counters) to operate, secure, and debug the feature.

Retention

  • Inputs and outputs are processed transiently to generate the response. They are not retained by Assembly or OpenAI for training or product-development purposes.
  • Operational telemetry is retained in line with Assembly's general log-retention practices, described in Section 6 (Retention of Data) of the Privacy Policy.

Permissions

A User invoking Assembly Assistant inherits their existing in-product permissions. Assembly Assistant cannot read or modify data that the User could not access directly through Assembly.

Controls

Where Assembly Assistant includes user-level or workspace-level toggles, those are described in the in-product settings. Customers who do not wish to use Assembly Assistant can decline to enable it.

Part 2 — Third-Party AI Assistant Connections via MCP (Beta)

What the MCP is

Assembly's MCP server is an authenticated gateway. It lets a third-party AI assistant — such as ChatGPT or Claude — act on a connected Assembly workspace on behalf of the workspace User who connected it. The MCP server exposes a curated set of tools that map one-to-one to functionality already available through Assembly's existing Platform API.

MCP does not introduce new categories of data. It provides a different way to reach data that is already in the workspace, subject to the connecting User's existing in-product permissions.

Who can connect

Only internal administrator users of a workspace can establish an MCP connection. Client-portal end-users and internal Staff role users cannot connect AI assistants.

How a connection is authenticated

  • OAuth 2.0 authorization-code flow;
  • Sign-in by email and password or Google SSO, with optional TOTP multi-factor authentication;
  • Short-lived access tokens (~1 hour) and long-lived refresh tokens are issued to the AI assistant;
  • Refresh tokens are encrypted at rest;
  • Access tokens are not stored on Assembly's servers after issuance;
  • All MCP traffic is transmitted over TLS.

The three parties involved

Three separate parties are involved in any MCP request:

  • The customer organization (and the connecting User) decides whether to connect an AI assistant, which one, and what to ask it to do.
  • Assembly authenticates the connection, routes the AI assistant's tool calls to the Platform API on the connecting User's behalf, and returns responses.
  • The third-party AI provider (for example, OpenAI or Anthropic) decides — under its own privacy policy and the terms of the customer's account with that provider — what to do with prompts, tool inputs, tool responses, and outputs after they leave Assembly's servers, including any logging, retention, training, human review, or onward sharing.

The third-party AI provider is an independent third party that the customer has chosen. It is not Assembly's Service Provider or sub-processor. Assembly does not select the AI assistant on the customer's behalf and does not have a contractual relationship with the AI provider on the customer's behalf.

What Assembly does with MCP traffic

Assembly:

  • Authenticates the connecting User and resolves the User's workspace and module access;
  • Executes each tool call by proxying it to Assembly's Platform API, applying the connecting User's existing permissions;
  • Returns the tool response to the AI assistant over TLS;
  • Operates, secures, monitors, and debugs the service. This includes operational telemetry such as request metadata, error counters, abuse signals, and the arguments the AI assistant supplies to a tool call (including any rationale the AI provides), which Assembly may retain to understand and debug the requests made through the integration.

What Assembly does not return through MCP

The MCP server does not return Assembly's internal credentials, infrastructure metadata, audit internals, or service logs. Errors are surfaced as the Platform API's standard JSON envelope (status code and human-readable message) — never as stack traces, debug payloads, or raw logs.

Resource IDs returned through MCP are the public Platform API IDs documented at docs.assembly.com/reference — the same IDs a third-party API integration would receive.

Permissions and scope

A connected AI assistant inherits the connecting User's existing in-product permissions — no more, no less. If the connecting User cannot see a record in the dashboard, the AI assistant cannot see it through MCP either.

The MCP server is module-gated: tool families only appear if the workspace has enabled the corresponding module (such as Payments, Contracts, Files, Forms, Messages, or Tasks). Disabled modules' data is not exposed.

Tool-level scopes (roadmap)

Today, the MCP server does not expose tool-level scopes. A connected AI assistant has the same breadth of access as the connecting User. Tool-level scoping may be added in a future release. In the meantime, customers who want narrower access should restrict who may connect AI assistants, or connect using a service account whose in-product permissions are deliberately limited.

Audit log (coming soon)

MCP tool calls will be surfaced to workspace administrators in Assembly's upcoming in-product audit log, alongside other Platform API activity. The audit log will show, at minimum, which User initiated the connection, which tools were called, and when. Administrators can use the audit log to monitor AI assistant activity within the workspace.

Categories of data accessible via MCP

Subject to the connecting User's permissions and the customer's enabled modules, an AI assistant connected via MCP may access the following categories of workspace data, each of which can contain Personal Data:

  • Workspace metadata;
  • Client records and company records;
  • Messages (free-text; may contain Personal Data);
  • Files (metadata, plus file bytes when explicitly requested by a tool call);
  • Forms and form responses (free-text; may contain Personal Data);
  • Financial records, including invoices, subscriptions, payments, products, and prices;
  • Contracts and signing status;
  • Tasks, comments, and notes (free-text; may contain Personal Data);
  • Notifications;
  • Internal directory information (employee data).

Retention

In addition to the general retention principles described in Section 6 of the Privacy Policy, the following retention periods apply to MCP:

  • OAuth access token: approximately 1 hour; not stored on Assembly's servers after issuance;
  • OAuth refresh token: stored, encrypted at rest, until revoked by the User or by Assembly;
  • MCP connection record: auto-deleted after approximately 48 hours of inactivity, or earlier on User revocation;
  • MCP tool-call telemetry, including tool arguments and rationale: retained per Assembly's log-retention practices;
  • MCP tool-result content: not written to service logs in plaintext;
  • In-product audit log (admin-visible, upcoming tool): retained per Assembly's audit-log retention practices;
  • Underlying workspace data accessed by tools: governed by the customer's existing retention configuration for Assembly.

Customer responsibilities

By enabling an MCP connection, the customer directs Assembly to share workspace data with the third-party AI assistant in response to its tool calls. The customer is responsible for:

  • Choosing the AI assistant and reviewing its privacy policy, terms of service, data-processing addendum, and security posture before connecting;
  • Ensuring it has a lawful basis (and, where required, a separate data-processing agreement directly with the AI provider) for the personal data the AI assistant will receive;
  • Restricting which of its internal Users may connect AI assistants;
  • The AI provider's processing of any prompts, tool inputs, tool responses, and outputs after they leave Assembly, including any logging, retention, training, human review, or onward sharing the AI provider performs under its own terms;
  • Communicating to its own clients and end-users (where required by applicable law) that it has enabled an AI integration that may process their personal data;
  • Disconnecting the AI assistant if it no longer wants the AI assistant to have access.

Disconnecting

A connecting User can manage active MCP connections at any time:

  • Go to Settings → Account → scroll to Connected apps. The account page lists every active MCP connection on the User's account, along with the connection date.
  • Click Revoke to disconnect. Revocation invalidates the refresh token and prevents further tool calls. Outstanding short-lived access tokens expire within approximately one hour.

Revocation does not retroactively delete or recall any data the AI provider has already received during the life of the connection. That data is held by the AI provider under its own retention rules. To request deletion of data already held by the AI provider, the customer must contact that provider directly.

International data transfers

Assembly is hosted on AWS infrastructure in the United States. Where personal data is transferred internationally to or by Assembly, Assembly relies on the transfer mechanisms described in Section 7 of the Privacy Policy.

Transfers from Assembly to a third-party AI provider as a result of an MCP tool call are made on the customer's instruction. The customer is responsible for the lawful basis and transfer mechanism applicable to its disclosure to the AI provider.

Distribution status

The MCP server is currently available in developer-mode beta inside ChatGPT, Claude, and Cursor (custom connector flows). Beta status will be removed from this page when the capability moves to general availability.

Service Providers used to operate Assembly Assistant and MCP

In addition to the Service Providers described in Section 12 of the Privacy Policy and our Subprocessors listed in our Trust Center, the following Service Providers support Assembly's AI capabilities. Their use is governed by Assembly's agreements with them and by their own privacy practices:

  • Amazon Web Services (United States): provides cloud infrastructure for authentication, compute, storage, and encryption;
  • OpenAI (United States): Service Provider for Assembly Assistant only. OpenAI is not Assembly's Service Provider for MCP connections; if you connect ChatGPT via MCP, OpenAI processes that data under your account with OpenAI, not under Assembly's contract.

Data subject requests

Requests to access, correct, or delete personal data that Assembly holds about you continue to be handled as described in Section 10 (GDPR rights) and Section 11 (CCPA rights) of the Privacy Policy.

For requests relating to data already held by a connected third-party AI provider, please contact that provider directly using the contact details in its privacy policy. Assembly cannot recall or delete data from another company's systems.

Questions

If you have questions about this page or about Assembly's handling of AI and MCP data, please contact us at support@assembly.com.

Create remarkable client experiences