How BrightCat Data governs the use of artificial intelligence across its products, data infrastructure, and operations — and how our data is safeguarded when accessed by AI systems.
BrightCat Data Ltd. provides Canadian property intelligence to enterprise clients across insurance, financial services, real estate, and technology. Our data infrastructure — including weekly property tracking pipelines operating continuously since 2014 — is now accessible through programmatic channels that include AI-capable endpoints.
This policy establishes the governance framework for how artificial intelligence intersects with BrightCat's operations: both how external AI systems may access and use our data, and how we employ AI tools internally. It applies to all BrightCat products, data delivery channels, and internal processes.
Our approach to AI governance is grounded in principles that reflect our long-standing commitment to responsible data stewardship.
Privacy safeguards are embedded at every stage of our data pipeline — from ingestion through delivery — consistent with the principles outlined in Canada's Personal Information Protection and Electronic Documents Act (PIPEDA). AI access channels inherit these same protections.
BrightCat products deliver property-level and market-level intelligence. Our data does not contain personal information attributable to identifiable individuals. Properties are tracked using persistent property identifiers, not personal records.
We are clear about what our data contains, how it is generated, and what governance applies when it is accessed by AI systems. This policy and our product documentation are publicly available.
BrightCat maintains documented data lineage and processing records for every dataset we produce. Where AI tools are used in our internal operations, their role is documented and subject to human oversight.
BrightCat data is available through multiple delivery channels, including flat-file delivery, Snowflake Marketplace, and a Model Context Protocol (MCP) connector. Some of these channels enable AI agents and large language models to query BrightCat data programmatically.
The following governance applies to all AI-accessible channels:
Authentication and access control. All programmatic access requires authenticated credentials. MCP and Snowflake connections use OAuth-based authentication with role-scoped permissions. Read-only access is enforced at the infrastructure level — AI agents cannot modify, delete, or write to BrightCat data stores.
No model training rights. BrightCat data accessed through any delivery channel may not be used to train, fine-tune, or otherwise incorporate into machine learning models or AI systems without explicit written agreement. Standard data licences grant query and analysis rights only.
Rate governance. Programmatic endpoints are subject to rate limits and query volume monitoring. Anomalous access patterns are flagged for review.
BrightCat's weekly data pipeline has operated continuously since 2014, processing residential and commercial property records across Canada. The following safeguards are built into this infrastructure and apply regardless of how the resulting data is accessed or consumed.
No personal information in outputs. BrightCat products track properties, not people. Our datasets contain property attributes, transaction histories, and market indicators — not personal names, contact details, or information attributable to identifiable individuals.
Persistent property identifiers. Properties are tracked across time using deterministic identifiers derived from standardised address components. These identifiers enable longitudinal analysis without reliance on personal data.
Data lineage and quality controls. Every weekly data run is logged with file-level metadata, row-count validation, and schema integrity checks. Anomalies are flagged and investigated before publication. Historical data integrity is maintained through documented audit processes.
Address standardisation. All property addresses undergo professional-grade Canadian address standardisation to ensure consistency, reduce duplication, and maintain data quality across the full historical dataset.
BrightCat uses AI tools in its internal operations, including content development, data analysis support, code development, and research. The following principles govern this use:
Human oversight. AI-generated outputs used in client deliverables, published content, or data products are reviewed and approved by BrightCat personnel before release. AI tools assist but do not autonomously produce client-facing materials.
Data handling. Confidential client data, proprietary source details, and internal pipeline configurations are not submitted to third-party AI services unless the service provides contractual data protection guarantees and does not use submitted data for model training.
Continuous evaluation. We periodically review which AI tools are in use, assess their data handling practices, and update our internal tooling approvals as the AI landscape evolves.
Clients who access BrightCat data — whether through traditional file delivery or AI-enabled channels — are expected to use the data in accordance with their licence agreement and applicable privacy legislation. In particular:
Clients should not attempt to re-identify individuals from BrightCat data, whether through combination with other datasets, AI-assisted inference, or any other method. BrightCat data is designed and licensed for property-level and market-level analysis.
Where clients incorporate BrightCat data into their own AI systems or automated decision-making processes, the client is responsible for ensuring that such use complies with applicable regulations and does not result in discriminatory or harmful outcomes.
This policy is reviewed at minimum on an annual basis and updated as needed to reflect changes in AI technology, Canadian privacy regulation, and BrightCat's product and infrastructure landscape. Material changes will be noted with an updated version number and effective date.
As Canada's regulatory framework for AI continues to develop — including potential obligations under the Artificial Intelligence and Data Act (AIDA) — BrightCat will adapt this policy to maintain alignment with applicable requirements.
We're happy to discuss our AI governance practices with clients, prospects, and partners.
Get in Touch