Safe as a Vault
Trust & Safety
HowNow believes in keeping your data safe and secure - and knows that protecting it is one of our most important responsibilities.
We're committed to transparency about our security practices and the effort we take to keep your information secure.
HowNow offers both a Learning and Skills Platform and an integrated Content Subscription product (HowNow+)
HowNow is proud to be ISO27001 and ISO9001 Certified by the British Assessment Bureau.
HowNow is fully GDPR compliant and certified for Cyber Essentials and Cyber Essentials Plus compliance.
HowNow also follows best practices from the Cloud Security Alliance to inform our security policies, ensuring we are in line with other SaaS providers to prioritise the safety and security of customer data.
HowNow AI is a suite of tools designed to assist organisations with tackling a wide range of pressing L&D and HR tasks. With the power of AI, you can go from creating a tailored Skills Framework and mapping it to all your people and learning opportunities to identifying skills gaps and bridging them with automatically generated personalised pathways and curated content feeds in just minutes.
How does HowNow AI work?
AI-Powered Skills Framework:
Create a job role and provide a role description. HowNow AI will leverage this data to understand your organisational context and related tasks, then mapping the job roles to the skills and proficiency levels needed.
-
-
- An Admin User has the capability to adjust the required skill proficiency, add new skills, or remove existing ones.
- Customers have the option to use AI to bulk map job roles, imported from their HRIS, to appropriate skills and required levels of expertise.
- HowNow AI will persistently identify and incorporate new and emerging skills for selected job roles.
- Skills Graph:
- HowNow AI analyses your people, learning content (both internal and external) and learning activities, to map them all to your organisation’s skills framework.
- All of your learning resources from all sources and internal experts, will be aligned and connected to your skills framework.
- AI-Powered Content Curation:
- Ask HowNow AI to curate content on specific topics from selected content sources and organise into Channels.
- Using the Skills Graph, HowNow AI can automatically curate a Channel feed of content that dynamically updates with new and relevant content.
- AI-Generated Pathways:
- Describe your learning objectives, set your skills development goals and pick your preferred content sources, then let HowNow AI design and craft a tailored learning pathway to meet your needs.
- With the Skills Graph, HowNow AI gathers the content you need from every source you're connected to. Then HowNow AI leverages techniques such as scaffolding and adaptive learning to generate a personalised pathway that is structured to support learners become skilled and confident.
- You can build on top or edit the AI-generated pathways as needed.
-
Is my data safe with HowNow AI?
Absolutely, your data safety is our top priority. We implement industry-leading security protocols, including encryption, data anonymisation and regular security audits, to protect your data. We adhere to stringent privacy standards and continuously update our protocols to stay ahead of any threats. We take your trust seriously and are transparent about our data protection practices. Your data is safe with us.
What Large Language Model (LLM) does HowNow AI use?
HowNow AI combines the cutting-edge capabilities of OpenAI's GPT-4, GPT-3, Codex, and DALL-E models with proprietary data sets and specialised information fine-tuned for Learning and Development.
You can also read OpenAI's Enterprise FAQs here.
Are my inputs sent back to the LLM for training?
No, your inputs are not sent back to the Large Language Model (LLM) for training. The model operates on a foundation of pre-existing, generic data and does not incorporate user inputs for its training or development. It functions by responding to specific prompts set by the user, enabling it to generate content that adheres to these predefined criteria without direct reliance on new input data. This means that the information you provide, whether prompts, documents, or any generated content, does not contribute to training, refining, or enhancing the model's underlying dataset.
-
- Not shared with other users.
- Not accessible by the model's developers or OpenAI.
- Not utilised to advance the capabilities of the model.
- The interaction with the model is a one-way process, where only the information necessary for generating responses is processed, and no user data is exported or used beyond fulfilling the immediate request.
What Personal Identifying Information (PII) is sent back to the LLM?
Absolutely, no Personal Identifying Information (PII) is relayed back to the Large Language Model (LLM). We've conscientiously crafted our system to prioritise your privacy and ensure the utmost security of your details. Here's how we handle it:
Your personal information remains confidential, not shared with external parties, including the developers behind the LLM or OpenAI.-
- We do not utilise your personal data to enhance the LLM's intelligence or to refine any associated services or technologies. Our focus is solely on providing you with immediate, relevant responses.
- Rest assured, your personal details are strictly used for the purpose of this interaction. They are neither employed in training the model nor in the improvement of external products or services.
Our commitment is to uphold the highest standards of privacy and data protection, ensuring your personal information is safeguarded and respected throughout your engagement with us.
HowNow AI is designed to work closely with your company's data, including job roles, skills frameworks, and learning content, to connect every employee with relevant learning in the flow of work. However, it's important to clarify how we handle employee information:
- Employee Data Usage: HowNow AI requires some level of access to your company's employee information to perform its functions effectively—such as mapping job roles to skills or curating personalised learning pathways. This might include job titles, associated skills, and their teams to understand skills and learning needs better.
- Privacy and Security: Despite this access, we are deeply committed to privacy and data security. Access to employee information is strictly governed by our data protection policies, ensuring that all data is handled securely and in compliance with relevant privacy laws.
- Purpose of Data: The information accessed by HowNow AI is solely used to provide and improve the services offered—such as creating accurate skills frameworks, curating relevant content, and designing personalised learning pathways. We do not use your company's employee data for any other purpose outside of delivering and enhancing these functionalities.
- Control and Transparency: Your company retains control over the data shared with HowNow AI. We aim for transparency in how we use the data, providing you with insights into the data processing and ensuring you have the power to manage and restrict access as needed.
-
- In summary, while HowNow AI interacts with your employee information to deliver its services, we do so with the highest standards of privacy and security, ensuring that your data is protected and used appropriately to support your organization's learning and development goals.
- HowNow AI “reads” the titles and headings of your learning content to grasp the core themes, and analysing keywords and phrases that hint at specific skills. It pays special attention to learning objectives, which directly signal the skills aimed to be developed. Metadata such as tags and categories enrich the AI's understanding with direct insights. Moreover, HowNow AI considers the context in which terms are used, ensuring a nuanced understanding of how content relates to various skills. This comprehensive approach allows HowNow AI to accurately map learning content to the relevant skills within your organisation's framework.
Yes, HowNow AI is designed to be GDPR-compliant. HowNow AI takes serious measures to safeguard personal information, implementing strict data processing and security protocols. These measures include obtaining proper consent for the collection and use of personal data, ensuring individuals' rights to access, rectify, and erase their data, and maintaining transparency about data use. By complying with GDPR, HowNow AI demonstrates its commitment to protecting user privacy and handling data responsibly.
How do you ensure the content curated and pathways created by HowNow AI are correct and have no mistakes?
To ensure the content curated and pathways created by HowNow AI are accurate and free from mistakes, several robust measures are implemented:
- Continuous Learning and Improvement: HowNow AI is designed to learn continuously from user interactions, feedback, and performance data. This allows the system to refine its algorithms and improve the accuracy of content curation and pathway creation over time.
- Quality Control Checks: Regular quality control checks are conducted on the curated content and generated pathways. These checks may involve manual review by subject matter experts to ensure the content is relevant, accurate, and up-to-date.
- User Feedback Mechanisms: Users are encouraged to provide feedback on the content and pathways. This feedback is invaluable for identifying any inaccuracies or areas for improvement. The AI system can then adjust its processes based on this feedback to enhance accuracy and relevance.
- Cross-Referencing with Trusted Sources: The AI cross-references content with trusted and authoritative sources to verify its accuracy. This ensures that the information provided is reliable and based on sound knowledge.
- Error Detection Algorithms: Advanced algorithms are employed to detect and correct errors automatically. These algorithms can identify inconsistencies, outdated information, or inaccuracies in the content and pathways.
- Collaboration with Experts: HowNow AI often collaborates with industry experts and educators during the content curation and pathway development process. Their expertise ensures that the content is not only accurate but also aligns with current industry standards and educational practices.
-
- By combining these approaches, HowNow AI strives to maintain a high level of accuracy and reliability in the content it curates and the learning pathways it creates, ensuring a valuable and mistake-free learning experience.
- By combining these approaches, HowNow AI strives to maintain a high level of accuracy and reliability in the content it curates and the learning pathways it creates, ensuring a valuable and mistake-free learning experience.
How do you ensure HowNow AI is ethical?
HowNow is deeply committed to ethical practices, grounding our approach in transparency, fairness, and respect for user rights. We maintain openness about HowNow AI’s functionality, data usage, and decision-making processes to foster trust. Actively working to identify and mitigate any biases ensures that our platform offers fair and equitable content and recommendations to all users. Upholding data privacy and security is paramount, adhering strictly to data protection regulations to safeguard user information. We prioritise user autonomy, providing clear options for data management, including the ability to opt-in or opt-out of features and to access or delete personal data. Our commitment extends to the ethical application of AI, focusing on positive enhancements in learning and development while steering clear of uses that could cause harm. We regularly review our practices to make sure we’re staying ethical, making decisions that are good for you and all our users.
It's all about keeping things right, fair, and safe.
- Data Protection and Data Security Policy
- Data Retention Policy
- Data Sub-Processors List
- HowNow Data Breach Policy
- ISO9001 Certificate
- ISO27001 Certificate
- Privacy Policy
- Privacy Policy - Website
- Privacy Policy - Product
- Technical Support Services Doc
- Data Processing Agreement
Email dpo@gethownow.com for access to these items and allow 48 hours.
- Business Continuity Plan
- Ethical Policy
- Environmental Policy
- HowNow Data Flows
- Information Security Policy
- Licence Terms and Conditions
- Penetration Test 2023
- Cyber Essentials (Plus) Certificate
General FAQs
Do you support Single Sign-On? (SSO)?
Yes. HowNow offers SSO and provisioning across all major providers, including Azure, Google, Okta, OneLogin, and Jumpcloud.
Do you encrypt data at rest and in transit?
All data in transit are encrypted using the following algorithms:
- 2048-bit RSA (RSA_2048)
- 4096-bit RSA (RSA_4096)
- Elliptic Prime Curve 256 bit (EC_prime256v1)
- Elliptic Prime Curve 384 bit (EC_secp384r1)
Data at rest is protected by full-disk encryption using AES-256 algorithm.
What types of data/PII does HowNow collect?
In order for HowNow to provide services agreed as per our commercial agreement with our customers, HowNow collects the following personal data:
- Name
- Email Address
- IP Address
- Job Role
- Start Date (Optional)
- Company ID (Optional)
- Location (Optional)
- Department/Team (Optional)
How is this data used by HowNow?
This data is used by HowNow as follows:
• Automate the onboarding/offboarding of the Users. (Optional)
• Generate content recommendations and suggestions based on User data – for example, training maybe recommended based on User’s Job Role.
• To send platform notifications to Users based on their activity.
• To provide technical support when requested.
Do you have a Data Protection Officer (DPO)?
Yes. You can contact them at dpo@gethownow.com.
What LLM does HowNow AI use?
HowNow AI combines the cutting-edge capabilities of OpenAI's GPT-4, GPT-3, Codex, and DALL-E models with proprietary data sets and specialised information fine-tuned for Learning and Development.
Where do you store data?
Any data we collect is stored in our cloudbased servers managed by Amazon Web Services (AWS), located in Ireland.
What Privacy Controls does HowNow have in place?
- All sensitive information, whether in transit over the network or at rest on our storage systems, is encrypted using AES and TLS.
- We enforce strict access controls and authentication mechanisms. This includes role-based access control and multi-factor authentication.
- We conduct regular audits and compliance checks to ensure that privacy controls are effective and meet GDPR requirements.
- We ensure transparency in our data practices and provide users with clear and accessible privacy notices.
- We have defined data retention policies to ensure that personal data is not kept longer than necessary and is securely deleted when no longer needed.
How do you assess and manage third-party vendor risks?
Due Diligence - We carry out thorough checks as part of our procurement process before selecting a supplier.
Risk Assessment: We carry out regular risk assessment associated with all of our vendors - analysisng likelihood and impact of these risks.
Risk Mitigation Strategies: We ensure mitigation strategies are in place for the identified risks, including contractual safeguards and ensuring vendors comply with industry best practices and legal requirements (including our Data Processing requirements).
Contingency planning: We have contingency and exit strategies place for critical vendors. We have back-up vendors and plans for transitioning services to another provider."
Is any data stored or processed outside of the EEA?
Yes. Although the data we collect from you is stored in the European Economic Area (“EEA”), data processed by the third parties (“sub-processors”) to provide services to you as per our Commercial agreement may be transferred outside of the EEA. We will take all reasonable steps to ensure that our sub-processors meet the requirements of our data processing agreement.