
AI coding & workflow - Security and Data Management 1.0


Purpose of this document


This document is intended to provide clear information about how data is stored and processed specifically when using AI-powered coding & workflow in Prime, and how these practices relate to our broader policies and agreements. 


It serves as a supplementary explanation and does not replace or override the terms outlined in the following documents:

 

The target audience is current Prime customers or prospects learning more about AI for coding and workflow in Prime. 

 

About Rillion AI for coding and workflow

 

Rillion AI predicts a complete account-posting line per expense line, drawing on the customer's own historical postings together with charts of accounts and dimensions. For each posting line the model predicts the G/L account and/or other dimensions (Object 1–8, which map to the customer's cost centre, project, department and similar dimensions), the VAT/tax code, split distribution across multiple lines, and the line type (expense, VAT, variance). 

 

Rillion AI also predicts the approvers who should review and approve the invoice, based on historical approval flows and the list of active roles and references.

 

Each predicted value carries a confidence level and an explanation shown in the interface, and predictions feed back as context to future predictions. 

 

This feature uses customer‑specific historical invoice data to automatically suggest coding and approval routing. Predictions always remain under full customer control, with manual verification required unless automation is explicitly enabled.

 

Data processing


What data does Rillion AI access?

Extracted historical invoice data, and the customer master data that predictions are validated against (active flow proposals, active roles including authorization amount and manager, active dimensions, active charts of accounts, active references, active VAT codes).

 

Does the system use external AI models?

Rillion uses a general-purpose OpenAI LLM hosted within Microsoft Azure (Azure OpenAI / Foundry). We do not train any model on customer data - there is no Rillion-specific or customer-specific trained model behind the predictions. Per Microsoft's Azure OpenAI data policy, prompts and outputs are not used by OpenAI or Microsoft to train or improve their models, are not shared with other customers, and the models are stateless (nothing is retained in the model after a request). Because no model learns from customer data in the first place, there is no cross-tenant learning. Processing of EU customer data also stays within the EU.

 

Where is data stored?

Data is stored in accordance with the specified customer data zone. The GPAI (general-purpose AI) models in use are solely from Rillion’s list of approved providers, and all processing remains within Rillion’s Data Processing Agreement.

 

Data protection

 

How do you ensure that our information is not shared with third parties?

By always following good data separation practices and using only models and structures that allow Rillion to always have full control of the data.


Does any AI train on customer data?

No, in accordance with Microsoft "Data, privacy, and security for Models sold by Azure".

 

How is customer data protected?

  • Encrypted in transit (HTTPS/TLS)
  • Encrypted at rest (AES-256)

 

Risk assurance


Is there human‑in‑the‑loop?

Coding & Workflow requires manual verification unless the customer enables full automation.

 

Is the AI considered high‑risk under the EU AI Act?

No. Coding & Workflow falls under the Minimal/No Risk categories.

 

Can AI features be disabled?

Coding & Workflow is an opt-in feature and needs an activation specification. It can also be configured to be used only manually.

 

Can AI be paused during incidents?

Yes, by forcing manual verification. It can be disabled at company level.

 

Risk assurance

 

Who owns AI‑generated outputs?

The customer.

 

Who is responsible for incorrect AI suggestions?

The customer’s own users; all outputs require review and approval.

 

How do you mitigate bias?

Rillion mitigates bias in coding proposals through a combination of human oversight, model design, and ongoing governance: 

  • Human stays in control by default. 
    AI matching never executes actions automatically; a person verifies predictions before they take effect, unless the customer themselves chooses to activate automated processing in Prime (via configurable confidence thresholds). This keeps a human checkpoint between any biased prediction and a posted result.
  • Each prediction is independent. 
    Every AI coding is a new, independent LLM request, so predictions are not carried over or compounded from one invoice to the next.
  • Reduced reliance on historical data. 
    The new AI model design lessens dependence on raw historical posting patterns, limiting the risk of reinforcing entrenched or outdated coding behaviour (e.g. supplier-specific or historical posting bias).
  • Built-in explainability. 
    Each prediction is accompanied by clear reasoning and a confidence level, so users can see why a suggestion was made rather than trusting a black box — making questionable or biased suggestions easier to spot and correct.
  • No proprietary training material. 
    Rillion does not generate its own unique AI training content, avoiding bias introduced by proprietary training data.

 

Logging

 

How long is data retained?

  • System logging for troubleshooting - 30 days.
  • Requests and finals (outputs) - up to 1 year.
  • Historical postings and approval flows - up to 1 year.
