Overview
This article outlines the security and privacy controls within Maximizer AI’s platform. It is designed to provide administrators an overview of our administrative and user-level configurations, demonstrating our commitment to data protection and regulatory compliance.
Contact
For any questions regarding this article, please mention the article name and section, and email pm@maximizer.com
Version history
1.3 Aug 2025 AA – Enabling policies
1.2 Aug 2025 – Infrastructure diagram
1.1 Aug 2025 LD – AI policies default setting
1.0 July 2025 LD – Data scopes
0.9 May 2025 - AI policies
0.8 May 2025 - initial draft
Executive Summary
Maximizer employs a security floor model, where administrators set the minimum level of security, and your choices filter down to the rest of the organization (organization -> teams -> Advisors). This ensures a consistent baseline of security across your organization. Administrative controls at the organizational level are enabled and managed by Maximizer to prevent unauthorized changes.
AI features are enabled or disabled
- By organizations by setting AI policies, or disabling LLM-powered AI features entirely.
- By users within Maximizer from the AI Hub. By default, the AI-Maximizer-AI-Hub-Enabled setting is true, which means AI features are available to your organization, with restricted policies enabled.
There are three core AI policies that govern the rollout of Maximizer IQ Boost to your organization. These policies prioritize data protection and regulatory compliance by default.
- AI-Maximizer-Anonymizer-Enforced: Proactive redaction of PII to mitigate data exposure risks to LLMs.
- AI-Maximizer-Canada-Only: Confinement of data to local servers in Canada to meet regulatory requirements.
- AI-Maximizer-Online-Sources-Disabled: Restriction of data sources to the CRM data only to prevent uncontrolled internet access.
Below is a diagram designed to main data flow of AI-powered features in Maximizer.
How do I make changes to organizational AI policies?
Contact your Customer Success/Account Manager and request IQ Boost/AI Hub to be enabled, and specify if any changes need made to the default AI policies or if the default values should apply (default settings explained below).
How do I make changes to team AI policies (administrator)?
Maximizer AI Hub
Default setting: AI-Maximizer-AI-Hub-Enabled
As an administrator, you can enable or disable AI features leveraging Large Language Models (LLM) in Maximizer via the AI Hub:
If you disable a feature, users will not be able to access it (see image below). If the feature is turned on, users will be allowed to toggle them on and off as they wish.
Admin-level controls
Below is a breakdown of the configurable security settings for administrators and their impact on your firm's security and compliance.
AI Maximizer Anonymizer
Default setting (most secure): AI-Maximizer-Anonymizer-Enforced
This setting activates Maximizer’s anonymization engine, which automatically redacts sensitive information, such as names and Social Insurance Numbers (SIN), from the data send to the AI model. For example, a name like “John Smith” would be transformed into “Anonymized”. Here is how it appears for the user:
Enabling the Anonymizer mitigates the risk of data exposure and enhances compliance with privacy and financial regulations.
If the AI Maximizer is set to TRUE, the Timeline Summary and Pre Call Summary features cannot be enabled, as they don’t support the anonymizer. A message will appear for the user notifying them the feature has been disabled by your organizational policy.
To activate the secure setting, toggle the “Maximizer Anonymizer” button:
AI Maximizer Model Location
Default setting (most secure): AI-Maximizer-Canada-Only
This setting dictates the physical location of the servers hosting the AI model. By selecting a regional server (e.g., Canadian), all data processing is confined to that geographical location. Global Servers are typically hosted in the USA and may have the most recent models, while Canadian models may use older models.
Choosing the local server option can help your organization in meeting specific data residency requirements. This provides assurance that your data remains within a specific jurisdiction, supporting your firm's compliance obligations.
To activate the secure setting, select your region’s local server in the “AI in use” setting:
AI Maximizer Online Sources
Default setting (most secure): AI-Maximizer-Online-Sources-Disabled
This setting controls the sources IQ Boost can access for information. When set to "Maximizer Database," all AI queries are restricted to your CRM data, preventing it from searching the public internet.
Restricting the model's access to the Maximizer Database eliminates the risk of exposing sensitive data to external sources and ensures that all information used by the model is managed within a secure environment.
To restrict AI access to internal CRM data, select “Maximizer Database” in the “Data Source” setting:
Please note, if you wish to make online sources available, you must set your Model Location to “Global Servers” (see Model Location setting above). This allows IQ Boost to search the internet for sources of information that may be relevant to the prompt.
User-level controls (advisors)
The following settings are managed at the user level, providing individual control over their data while still operating within the security floor set by the administrator.
For example, if the organization has allowed the anonymizer to be on or off, individual advisors can still decide to toggle it on and protect PII.
If organizations allow for both local and global models, advisors can select local models only.
Data scope
This setting allows users to adjust the timeframe that IQ Boost will consider. While a longer timeframe can improve the accuracy and usefulness of a response, it also increases the computational cost. The Data Scope setting enables users to manage the trade-off between response quality and resource usage.
Data Types
Users can control the specific types of data (e.g., text, code, images) that are sent to the model for analysis. This provides users control over what kinds of information can be processed and shared with the AI model.