EngageBay
Based exclusively on public evidence • 20 criteria (Privacy + AI)
Last review: 21 Feb 2026
AI Trust Summary
- •Regarding AI: it does not mention the use of artificial intelligence in its service functionalities, which may raise uncertainties about the application of algorithms.
- •Regarding Core Privacy: it clearly documents international data transfers, ensuring compliance with protection frameworks, which is positive for your company's data security.
Safer Alternatives
Higher-rated software in the same category
Attention Points in AI (3)
AI criteria that require attention. Buy the Premium Analysis to see all 3 criteria.
- •EngageBay
- •Does not document retention periods for AI inputs/outputs, leading to uncertainties about data management.
- •The omission regarding the use of artificial intelligence may impact trust in process automation.
- •It is advisable to require contractual clauses that address these critical points.
AI data retention (prompts and responses) is not disclosed
The policy mentions retention of usage data, but does not specify retention periods for AI inputs/outputs.
Use of artificial intelligence is not disclosed in policies
There is no explicit mention of the use of artificial intelligence in the service's functionalities.
Ethical AI principles and anti-bias measures not documented
There is no mention of ethical AI principles or commitments related to the responsible use of automated systems.
Source: vendor public documents
Compliances in AI (3)
AI criteria the company meets. Buy the Premium Analysis to see all 3 criteria.
- •EngageBay
- •The policy connects data categories with specific purposes, such as personalization and marketing communications.
- •It identifies categories of recipients and specific purposes for data sharing.
- •These practices offer greater transparency and security for due diligence in contracting.
AI features clearly identified with their purposes
The policy mentions functionalities that imply automation, but does not detail which ones use AI and for what purposes.
Automated AI decisions explained in an understandable way
There is a mention of data-based personalization, but without explaining the criteria for automated decisions.
Policy on data use for AI training clearly stated
The policy mentions the use of information to improve the service, but does not specify AI training.
Source: vendor public documents
Highlights in Privacy (3)
Most relevant criteria for this category. Buy the Premium Analysis to see all 3 criteria.
Data retention period not stated in the policy
The policy mentions data retention, but does not specify concrete periods for the retention of personal data.
Data controller identity and contact clearly disclosed
The policy clearly identifies EngageBay Inc. as the controller and provides multiple contact channels, ensuring transparency.
Privacy contact channel available
The policy offers specific channels for privacy issues, including dedicated emails and DPO contact.
Source: vendor public documents
Critical Alerts
- •Uso de inteligência artificial não é declarado nas políticas: Importante para a transparência sobre como a IA pode impactar os serviços oferecidos..
- •Mecanismo de contestação de decisões de IA não disponível: Importante para garantir que usuários possam contestar decisões que impactam suas experiências.
Conformance analysis (20)
Data controller's identity clearly stated
Reference: ISO/IEC 27701 (7.3)
Contact channel for privacy issues available
Reference: ISO/IEC 27701 (7.3)
Processing purposes clearly listed by data category
Reference: ISO/IEC 27701 (7.3)
Source: vendor public documents
Follow this company and access all 20 criteria
Track score changes, get alerts on policy updates, and view the full conformance analysis
Don't miss any update
Sign up to follow this company and track changes in privacy and AI scores
Why trust the AITS Index: Open Community Audit
Public transparency, peer review and open evidence trails — all verifiable by the community
Trust guarantees
Peer review
users, professionals and experts confirm or contest items online.
Public history
vendor and index changes are versioned and accessible.
Participate
Evidence, confirmations and contestations
participate in the collaborative validation of AITS criteria
EngageBay Marketing Automation: Privacy and Security Insights
Privacy Strengths of EngageBay
EngageBay demonstrates commendable practices in privacy management, achieving an impressive OPTI Base (Privacy) Score of 86%. This score reflects the platform's commitment to transparency and user data protection. One of the standout strengths is the clear listing of data processing purposes by category. This means that as a user, you can easily understand how your data will be utilized, which is essential for informed consent under regulations like GDPR and LGPD. Knowing the specific purposes for which your data is collected helps you feel more secure about your information being handled responsibly.
Another significant strength is the clear identification of personal data recipients in EngageBay's privacy policy. This transparency allows users to know exactly who has access to their data, which is crucial for maintaining trust and compliance with privacy frameworks. Additionally, the platform documents the international transfer of data, ensuring compliance with various data protection laws. This is particularly important for businesses operating across borders, as it mitigates risks associated with data breaches and unauthorized access.
Transparency in International Data Transfers
EngageBay's documentation regarding international data transfers is a noteworthy aspect of its privacy practices. The platform ensures that any data transferred outside of your jurisdiction adheres to the necessary legal frameworks, such as GDPR and ISO 27701. This compliance is vital for users who are concerned about the security of their data in different geographical locations. By understanding these practices, you can have greater confidence in the platform's ability to protect your information and maintain compliance with relevant regulations.
Privacy Weaknesses of EngageBay
Despite its strengths, EngageBay has notable weaknesses that users should be aware of. One significant concern is the indefinite retention of AI prompts and responses. This lack of a defined retention period raises questions about how long your interactions with the AI are stored, potentially leading to privacy risks. Users should be cautious about the information they share, especially sensitive data, as it may be retained longer than expected.
Another weakness is the absence of a clear declaration regarding the use of artificial intelligence in EngageBay's functionalities. This lack of transparency can create uncertainty about how AI algorithms are applied, which is particularly concerning for users who prioritize ethical AI practices. Without clear guidelines, users may find it challenging to assess the implications of AI on their data privacy.
Lack of AI Decision Contestation Mechanism
Furthermore, EngageBay does not provide a mechanism for contesting AI decisions. This is a critical shortcoming, especially for users who may be affected by automated decisions made by the platform. The absence of this feature means that if an AI-driven decision negatively impacts you, there may be no straightforward way to appeal or challenge that decision. Users should be aware of this limitation and consider whether it aligns with their expectations for accountability in AI systems.
Practical Guidance for EngageBay Users
To enhance your privacy and security while using EngageBay, consider reviewing your settings related to data sharing and AI interactions. Ensure that you are aware of what data is being collected and how it is being used. If possible, limit the amount of sensitive information you share with the platform, particularly in AI prompts, to mitigate risks associated with indefinite data retention.
Additionally, keep an eye on updates from EngageBay regarding their AI policies. As the platform evolves, it may introduce new features or clarify existing policies that could impact your data privacy. Staying informed will help you make better decisions about your usage of the software.
Exploring Alternatives and Precautions
If the weaknesses in EngageBay's AI transparency and decision-making processes are concerning, you might want to explore alternative marketing automation platforms that offer more robust privacy features. Look for platforms that provide clear AI usage disclosures and mechanisms for contesting automated decisions. Always prioritize software that aligns with your privacy values and meets compliance standards like GDPR and LGPD. Taking these precautions can help ensure that your marketing efforts do not compromise your data privacy.
Other Marketing Automation software
Dive into in-depth research and analysis of each player
Source: vendor public documents
Analyzed Sources
Public documents used in the audit of EngageBay:
Evidence, confirmations and contestations
participate in the collaborative validation of AITS criteria
Scope & Limitations
TrustThis/AITS assessments are based exclusively on publicly available information, duly cited with date and URL, following the AITS methodology (privacy & AI transparency).
The content is indicative in nature, intended for screening and comparison, not replacing internal audits.
TrustThis/AITS does not perform invasive tests, does not access vendor technology environments and does not process customer personal data. Conclusions reflect only the vendor's public communication at the date of collection.
Source: vendor public documents