At Pendo, performance, security, and data privacy are first-order considerations, around which we design our products and policies as an organization.
This article provides information about our security and privacy practices related to AI. As our practices evolve, we'll strive to continue to provide you with such transparency.
Note: Pendo also exposes product data to compatible external AI clients through a secure Model Context Protocol (MCP) server. MCP provides an access layer that lets compatible AI tools query the same analytics and AI‑powered insights you access in Pendo. For more information, see Connect to the Pendo MCP server.
AI technologies used in Pendo
Pendo uses a combination of its own AI technology (Pendo AI) and third-party services, which are currently OpenAI hosted on Microsoft Azure (Azure OpenAI) and OpenAI's infrastructure (OpenAI), Amazon Web Services (Amazon Bedrock), and Google Gemini hosted on Google Cloud Platform (Google Generative AI). We follow the same data protection principles with our AI features that we do with all other Pendo services, including, but not limited to, encrypting all data at rest and in transmission, not commingling customer data, and not using production data in our development and testing environments.
All third-party LLM providers have undergone a full review by Pendo’s security and privacy teams, and we maintain enterprise-level contracts with each provider, supported by long-standing partnerships. We ensure that any data that's sent to them isn't used for their own model training and development. Data is retained by AI technology providers for the minimum possible time period, essentially zero-day retention (ZDR). We redact common PII data types, such as names, email addresses, SSNs, and credit card numbers, from any text string before it's sent to an AI technology provider. These safeguards help ensure your data remains protected in line with Pendo’s commitment to privacy, security, and trust.
When developing new AI features, we work with a small group of customers on a voluntary basis through design partner agreements. This allows us to rapidly iterate on designs and the effectiveness of algorithms in accordance with our data security policies and procedures.
When we refer to Pendo AI, we’re referring to our internal Machine Learning (ML) systems, which train one model for each application belonging to each customer. For more information, see Model training in this article.
In addition to our ML-based Pendo AI, some internally developed features use rule-based artificial intelligence without any models. These rely on simple statistics and are deterministic: the same inputs always produce the same outputs. We refer to this as internal AI code.
Pendo also uses Tavily, a third-party AI service, to generate business context descriptions from a company website URL provided by a subscription admin. Tavily doesn't receive customer feedback, end-user data, or any other data Pendo collects on your behalf. For more information about business context, see Subscription settings.
The following table lists the AI technology providers used for each Pendo AI-powered feature.
| Product area | Pendo feature | AI technology | Setting name | Data sent to AI technology provider |
|---|---|---|---|---|
| Pendo AI | Agent Analytics | Google Generative AI | - | Prompts and conversation data from your agents, which allow the AI system to identify themes, cluster interactions, and surface insights that help improve agent performance and customer experience. |
| Pendo AI | Leo (formerly Agent mode) | Google Generative AI, OpenAI | Leo | Aggregated usage metrics, visitor- and account-level metrics, and entity metadata (for example, Feature names and Page descriptions); textual content generated in Listen or in integration tools, including feedback requests, survey responses, and Gong call transcriptions; tag names in Session Replay and relevant HTML context. |
| Guides | Guide writing | Google Generative AI | Guide-writing assistant | |
| Guides | Guide localization | Google Generative AI | AI localization | |
| NPS | Theme suggestions | Pendo AI | Automatic theme generation in NPS insights | User-generated content and inputs, such as feedback or survey responses. |
| NPS | Theme names | Google Generative AI | NPS summaries and theme name enhancement | |
| NPS | Theme summaries | Google Generative AI | NPS summaries and theme name enhancement | |
| NPS | Email summaries | Google Generative AI | NPS summaries and theme name enhancement | |
| Analytics | Workflow suggestions | Internal AI code; no models used | - | - |
| Analytics | AI insights | Pendo AI | Insights | Aggregated Page views and Feature interaction data, combined with account metadata information. |
| Listen | Feedback summaries | | Feedback summaries in Listen | Textual content generated in Listen or in integration tools, including feedback requests, survey responses, and call transcriptions. |
| Listen | Explore | Google Generative AI | Listen Explore | |
| Listen | Suggested ideas | Google Generative AI | Suggested ideas in Listen | |
| Session Replay | Suggested replays | Internal AI code; no models used | - | - |
| Session Replay | Summaries and descriptions | Azure OpenAI | Replay summaries and descriptions | Tag names in Session Replay and relevant HTML context. |
| Predict | Predictions | Pendo AI, Amazon Bedrock | - | Aggregated usage metrics, account metadata, feature adoption metrics, and historical trends. |
MCP access for external AI clients
In addition to using AI within the Pendo UI, you can securely expose Pendo data to external AI tools that support the Model Context Protocol (MCP), such as Claude, ChatGPT, Cursor, and Copilot.
When you turn on the Pendo MCP server:
- External AI clients authenticate with OAuth using your existing Pendo login.
- Those AI clients can call Pendo MCP tools to query usage data, metadata, and guides, using the same roles, access controls, and regions that already apply in Pendo.
- Data sent between your AI client and the Pendo MCP server is encrypted in transit and handled under the same policies that keep each customer’s data separate and govern data retention for other Pendo services.
When you use an external AI client with MCP, how that client handles prompts and responses (including any model training) is governed by that client’s own data‑use policies and agreements. For setup details, see Connect to the Pendo MCP server.
Model training
We train subscription-specific machine-learning models (non-generative) using your behavioral data in isolation from other customers’ data. Typically, we train one model for each customer. In some cases, we train one model for each product feature for each customer. This is to surface insights about your visitors’ usage of your applications.
This means that, where there's any model training, all training data is scoped and trained separately for each customer. This applies to both the initial model and subsequent models. This is how Pendo is able to give you specific, relevant, and rich insights, and how we remain principled as a company. For more information about our principles, see Pendo's AI principles.
Privacy and security of AI systems
Pendo has Data Processing Agreements with each of our subprocessors, including those providing us with AI systems. By contract, these subprocessors must maintain regulated standards for privacy and security. For example, OpenAI has publicly committed that it won't use any information provided through their API to train its AI model unless the customer opts in to it. Pendo hasn't and won't opt in.
Pendo doesn’t develop or operate its own large language model (LLM) technologies or “generative AI engines”.
When third‑party AI clients access Pendo through the MCP server, their requests are subject to the same contractual protections and technical controls: OAuth‑based authentication, regional routing, and encryption in transit. Once data is delivered to an external AI client, how that client stores, processes, or uses that data (including any model training) is governed by that client’s own data-use policies and your agreements with them, rather than by Pendo.
Opting in and out of AI-powered features
You can choose if and when you want to make use of Pendo’s AI-powered features. Subscription admin users in Pendo can opt in and out of specific AI-powered features in the AI Access tab of Settings > Subscription settings. Here, you can see which AI technology you’re using and which third-party provider (if any) is providing this technology. For more information about these settings, see AI access in the Subscription settings article.
Pendo understands that many customers may be concerned by AI features being turned on automatically, because of the resulting changes to data storage and processing and because of regulatory restrictions. To address these concerns, while still letting most customers easily experience the value of our AI features, only features that keep data storage and processing within the same GCP-based cloud environment used for Pendo's primary data storage and processing are turned on by default. These include features that use Google Generative AI, Pendo AI, and internal AI code. OpenAI and Azure OpenAI features are turned off by default, but can be turned on by a Pendo subscription admin in most cases. Some AI features are turned off by default or unavailable based on regulatory or geographic restrictions.
The following table provides a detailed list of each feature and its opt-in and opt-out status based on these factors.
| Pendo customer segment | AI technology | Default settings |
|---|---|---|
| Customers hosted in Pendo's default environment (US) who haven't executed a Business Associate Agreement (BAA) | Google Generative AI | On |
| Customers hosted in Pendo's default environment (US) who haven't executed a Business Associate Agreement (BAA) | Azure OpenAI | Off, with opt-in available |
| Customers hosted in Pendo's default environment (US) who haven't executed a Business Associate Agreement (BAA) | OpenAI | Off, with opt-in available |
| Customers hosted in Pendo's default environment (US) who haven't executed a Business Associate Agreement (BAA) | Pendo AI | Off, with opt-in available |
| Customers with BAA (healthcare) | Google Generative AI | On |
| Customers with BAA (healthcare) | Azure OpenAI | Off, with opt-in available |
| Customers with BAA (healthcare) | OpenAI | Off, with opt-in available |
| Customers with BAA (healthcare) | Pendo AI | Off, with opt-in available |
| Customers in the EU, Japan or Australia data environments | Google Generative AI | Off, with opt-in available |
| Customers in the EU, Japan or Australia data environments | Azure OpenAI | Off, with opt-in available |
| Customers in the EU, Japan or Australia data environments | OpenAI | Off, with opt-in available |
| Customers in the EU, Japan or Australia data environments | Pendo AI | Off, with opt-in available |
The only AI features enabled for customers hosted in our Japanese data environment are those that don’t require training. These are labeled as “internal AI code” in the AI technologies used in Pendo section of this article.
Note: Our AI features are currently unavailable in the Australian environment.
Access to Pendo data through the MCP server is also controlled in the AI access tab of Settings > Subscription settings, where a subscription admin can turn the Pendo MCP server on or off. This setting defaults to on. It controls all currently available read‑only MCP tools and doesn’t change which AI providers are enabled in AI access.
Data security and privacy
Pendo maintains a comprehensive privacy program, which includes yearly training, regular reviews with impact assessments conducted where prudent, and ongoing auditing by both our customers and reputable third-party organizations, to ensure compliance with evolving privacy and security laws and standards. For our AI-powered features specifically, every call made to a third-party service provider in support of those features is routed through a common internal application programming interface, so that appropriate security and privacy checks can be enforced on each call.
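As an added illustration of the two controls described above (one internal gateway through which every provider call passes, and redaction of common PII before text leaves), here is a constructed Python sketch. It is not Pendo's code and does not describe how Pendo's gateway is built: the provider identifiers, the `SubscriptionAIAccess` settings object, the `transport` callback, and the regex-plus-Luhn redaction rules are all assumptions. Name redaction, which the article also lists, is left out because it needs an entity recogniser rather than a pattern.

```python
"""Constructed example of an internal AI gateway (not Pendo's code): every
outbound call to an AI provider passes through one function that checks the
subscription's opt-in settings and redacts common PII before the text leaves."""
from __future__ import annotations

import re
from dataclasses import dataclass, field
from typing import Callable

# Assumed provider identifiers, modelled on the article's AI access settings.
KNOWN_PROVIDERS = {"google_generative_ai", "azure_openai", "openai", "amazon_bedrock"}

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
# 13-19 digits with optional spaces/dashes; confirmed with Luhn to limit false positives.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_valid(number: str) -> bool:
    """Luhn checksum over the digits of a candidate card number."""
    digits = [int(c) for c in number if c.isdigit()]
    if not 13 <= len(digits) <= 19:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:  # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def redact_pii(text: str) -> tuple[str, dict[str, int]]:
    """Replace emails, SSNs and Luhn-valid card numbers with typed placeholders.
    Returns the redacted text and a count per category for auditing."""
    counts = {"email": 0, "ssn": 0, "card": 0}

    def counted(key: str, placeholder: str):
        def sub(m: re.Match) -> str:
            counts[key] += 1
            return placeholder
        return sub

    def card_sub(m: re.Match) -> str:
        if luhn_valid(m.group(0)):
            counts["card"] += 1
            return "[CARD]"
        return m.group(0)  # digit run that fails Luhn: not treated as a card

    text = EMAIL_RE.sub(counted("email", "[EMAIL]"), text)
    text = SSN_RE.sub(counted("ssn", "[SSN]"), text)
    text = CARD_RE.sub(card_sub, text)
    return text, counts


@dataclass
class SubscriptionAIAccess:
    """Assumed shape of a subscription's AI access settings (the article's AI access tab)."""
    subscription_id: str
    enabled_providers: set[str] = field(default_factory=set)
    audit_log: list[dict] = field(default_factory=list)


def call_ai_provider(access: SubscriptionAIAccess, provider: str, text: str,
                     transport: Callable[[str, str], str]) -> str:
    """Single choke point for outbound AI calls: enforce opt-in, redact, record.
    `transport` is an assumed callback that performs the actual provider request."""
    if provider not in KNOWN_PROVIDERS:
        raise ValueError(f"unknown AI provider: {provider}")
    if provider not in access.enabled_providers:
        raise PermissionError(
            f"{provider} is not enabled for subscription {access.subscription_id}")
    redacted, counts = redact_pii(text)
    response = transport(provider, redacted)
    # Record redaction counts and size only, never the text, so the log holds no PII.
    access.audit_log.append(
        {"provider": provider, "redacted": counts, "chars_sent": len(redacted)})
    return response


if __name__ == "__main__":
    # Constructed sample input; the fake transport just echoes what would be sent.
    access = SubscriptionAIAccess("sub-demo", enabled_providers={"google_generative_ai"})
    sample = "Ticket from jane.doe@example.com, SSN 123-45-6789, card 4111 1111 1111 1111"
    print(call_ai_provider(access, "google_generative_ai", sample, lambda p, t: t))
    print(access.audit_log)
```

The gateway deliberately receives the provider name and the subscription settings as inputs rather than reading a global default, so the same function can enforce whatever opt-in state the admin has chosen for that subscription; the audit record stores counts and lengths only, so the log cannot become a second copy of the PII it was meant to keep from leaving.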
Pendo also maintains GDPR compliance across all customers with additional protections afforded based on applicable privacy laws. Additionally, Pendo has self-regulated limitations on where some AI services can be used based on country-specific and industry-specific recommendations.
Data storage and processing
Your data remains in your existing chosen cloud environment.
To maintain privacy and security, your data is segmented and stored separately from other customers’ data. We use logical separation techniques, enforced through unique namespaces for each customer, to ensure that our customers’ data isn't commingled. For more information, see Data collection and compliance.
Your data and models only exist in your own dedicated cloud container, ensuring its isolation from any other Pendo customer’s data. This is kept secure by Pendo’s Information Security program and GCP’s safeguards and mechanisms. This means that your data and your associated PendoAI models remain separate from any other Pendo customer’s data. For each customer, we train a unique model or set of models using their own data. For more information, see Model training in this article.
Each customer owns their own data.
Data recall
If you change your mind about AI-powered features in Pendo, you can’t recall any data that's already been processed by any of the LLMs. With the current state of machine learning, it is technically impossible to recall inputs (data that's been sent to and received by) an LLM.
As such, Pendo can't retrieve inputs that are entered into any LLM. However, Pendo does maintain GDPR compliance and is committed to trust and safety. You can delete all the AI models that exist in your cloud container (whether GCP, Azure OpenAI, OpenAI, or Pendo AI). For more information about how to do this, see our Privacy Policy.