Audience: IT, Security & Legal teams | Last updated: June 2026
This document describes the technical architecture of the AI Insider Program, covering how data flows through the system, where it is processed and stored, which third-party sub-processors are involved, and what controls are in place to protect your data. It is intended for technical and compliance stakeholders evaluating the program.
For a general introduction to the program, see AI Insider Program.
1. Architecture Overview
The AI Insider Program is built on three tiers:
TribeCRM (Frontend + Backend) — your primary interface. All feature toggles, data access, and results are surfaced here. No new applications are installed in your environment.
n8n Orchestration Layer — a workflow automation platform hosted and operated by TribeCRM. It coordinates all AI agent logic, schedules, and data routing. This is TribeCRM-managed infrastructure, not a shared public SaaS instance.
AI Model APIs — large language model (LLM) services called by the orchestration layer to perform reasoning, generation, and analysis tasks. These are third-party services (see Sub-Processors below).
Your organisation's data never leaves this pipeline without an explicit agent action writing back to your TribeCRM environment. No data is written to any external system other than the LLM APIs required to process the request.
2. High-Level Data Flow
The diagram below illustrates how data moves through the system for a typical AI agent operation:
┌──────────────────────────────────────────────────────────────┐
│ Your TribeCRM Environment (EU) │
│ CRM data · contacts · emails · tickets · call records │
└───────────────────────┬──────────────────────────────────────┘
│ Read / Write (OAuth2, org-scoped)
▼
┌──────────────────────────────────────────────────────────────┐
│ TribeCRM Orchestration Layer — n8n (EU-hosted) │
│ │
│ 1. Reads relevant data from your TribeCRM via secure API │
│ 2. Prepares a prompt containing only the data needed │
│ 3. Sends prompt to LLM API → receives response │
│ 4. Validates and formats the result │
│ 5. Writes result back to your TribeCRM via secure API │
│ 6. Logs execution metadata (no CRM data retained) │
└───────┬──────────────────────┬───────────────────────────────┘
│ │
▼ ▼
┌───────────────┐ ┌──────────────────────┐
│ Anthropic │ │ OpenAI / Google │
│ (Claude API) │ │ (GPT / Gemini API) │
│ US │ │ US │
└───────────────┘ └──────────────────────┘
3. Data Flow by Feature
The following table describes, for each feature, what data is read from your TribeCRM, what is sent to an LLM, and what is written back.
Feature | Data Read from TribeCRM | Sent to LLM | Written Back to TribeCRM | LLM Provider |
Outbound Lead Generation | Customer record, Lead records, ICP profile | Anonymised company profiles, ICP criteria | New company & contact records (organisations, persons) | Anthropic (Claude) |
Lead Scoring | Lead records, company data, activity history | Lead attributes and engagement signals | Score field on lead record | Anthropic (Claude) |
Inbound Lead Enrichment | Lead record | Company name, domain | Enriched fields on lead record | Anthropic (Claude) |
Sales Opportunity Summary | Opportunity record, related activities, contacts | Opportunity details and interaction history | Summary note on opportunity record | Anthropic (Claude) |
Outreach Email | Lead/contact details, feedback data | Lead context and feedback summary | Email sent via Microsoft Outlook | Anthropic (Claude) |
AI Email Reply | Email content, sender contact details, linked activities | Email thread and contact context | Draft reply returned to user in TribeCRM UI | Anthropic (Claude) |
Pre-Call Preparation | Upcoming calendar event, related contact & company records | Contact profile, recent activity summary | Preparation brief as a note in TribeCRM | Anthropic (Claude) |
Post-Call Enrichment | Call record, transcript, related contact | Call summary and participant context | Enriched fields and notes on contact/activity record | Anthropic (Claude) |
Support Ticket Resolution | Support ticket content, attachments, knowledge base articles | Ticket description and relevant KB excerpts | Suggested resolution as a note on the ticket | Anthropic (Claude) |
Ideal Customer Profile (ICP) | Won customers, company attributes, industry data | Aggregated company characteristics (no personal data) | ICP profile stored in orchestration layer, used by agents | Google (Gemini) |
Competitive Landscape Analysis | Competitor website URLs (provided by customer in settings) | Publicly crawled competitor content | Analysis report as a note/record in TribeCRM | Google (Gemini) · OpenAI (GPT) |
Voice of the Customer | Customer company names, account context | Public review data (aggregated, no personal data) | Sentiment summary as a record in TribeCRM | OpenAI (GPT) · Anthropic (Claude) |
4. Data Categories Processed
The following categories of data from your TribeCRM environment may be processed by AI agents depending on which features you enable:
Organisation data — company names, industry, size, website, address
Contact data — names, professional email addresses, job titles, phone numbers
Activity data — emails (subject, body, sender/recipient), call summaries, calendar event details
Support data — support ticket subject, description, and attachments
CRM metadata — lead status, opportunity stage, scores, custom fields you configure
Publicly available data — competitor websites, public business directories (for enrichment and competitive analysis features only)
Personal data categories are limited to professional contact information (business email, job title, company). No sensitive personal data (health, financial, biometric) is processed.
5. Sub-Processors
The following third-party sub-processors may receive or process data in the course of operating the AI Insider Program:
Sub-Processor | Role | Data Processed | Processing Location | Legal Basis |
Anthropic, Inc. | LLM inference — Claude models (Sonnet, Haiku) | CRM data subsets included in agent prompts (contacts, emails, tickets, leads, activities) | United States | DPA in place · SCCs |
Google LLC | LLM inference — Gemini models; Cloud infrastructure (GCP Pub/Sub) | Company profile data (ICP), competitor content (public); cache invalidation events (no CRM data) | United States / EU (GCP) | DPA in place · SCCs |
n8n GmbH | Workflow orchestration platform (self-hosted by TribeCRM) | All data routed through agent workflows — processed in TribeCRM's managed instance | EU (TribeCRM-managed) | DPA in place |
Microsoft Corporation | Email delivery (Microsoft Outlook) for outreach notifications | Recipient email address, generated email body | EU (Microsoft 365 EU tenancy) | DPA in place · SCCs |
⚠️ Note on LLM data processing: No customer data is used to train any AI model — all providers are configured with API settings that opt out of model training.
6. Data Residency
Component | Where Data is Stored | Region |
TribeCRM application & database | Google Cloud Platform — managed by TribeCRM | EU (europe-west) |
n8n orchestration layer | TribeCRM-managed/self-hosted n8n instance | EU |
Agent state tables (feature flags, usage stats, enrichment status) | n8n Data Tables — TribeCRM-managed | EU |
LLM prompt & response (in transit) | Transmitted to LLM provider API — not persisted by TribeCRM | US (in transit only) |
Execution logs | n8n execution logs — TribeCRM-managed, auto-purged | EU |
Email outreach (sent emails) | Microsoft 365 EU tenancy | EU |
CRM data written back by agents (enriched records, notes, summaries) is stored exclusively in your TribeCRM environment in the EU. No CRM data is persisted in any US-located system after the LLM call completes.
7. Security Controls
Organisational Isolation
Every agent operates with credentials scoped exclusively to your organisation. The architecture enforces this at multiple layers:
Each organisation has its own OAuth2 client credentials stored in encrypted form in TribeCRM's orchestration layer.
A dedicated Token Broker endpoint issues short-lived, org-scoped access tokens for each agent execution. Cross-organisation access is architecturally impossible — there is no shared access path.
All API calls to TribeCRM are authenticated with the org-scoped token. The token is never reused across organisations.
Opt-In Architecture
No agent is ever activated without an explicit action by an authorised user in your TribeCRM environment. Enabling a feature provisions an agent; disabling it immediately terminates all agent activity for that feature.
Least-Privilege Data Access
Each agent reads only the data it needs for its specific task. Agents do not have access to your entire CRM dataset — they query specific record types via the TribeCRM API, and only for records relevant to the current execution.
Encryption
All data in transit between TribeCRM, the orchestration layer, and LLM APIs is encrypted with TLS 1.2+.
Org credentials (clientId / clientSecret) are stored encrypted at rest.
TribeCRM database encryption follows GCP's default encryption-at-rest standards.
Human-in-the-Loop (HITL) Controls
For features where agents may take high-impact actions (such as creating new lead records or sending emails), human review workflows are in place. The agent pauses and presents the proposed action to a user for approval before proceeding. HITL is mandatory for all write-back actions that create new records.
8. Data Retention
Data Type | Retained By | Retention Period |
Agent execution logs | TribeCRM (n8n) | Auto-purged after a short rolling window (days) |
Feature usage / impact metrics | TribeCRM (n8n Data Tables) | 1 year |
Lead enrichment status | TribeCRM (n8n Data Tables) | Cleared after completion or timeout (10 minutes) |
LLM prompt & response | LLM provider (Anthropic / OpenAI / Google) | Not retained by TribeCRM after API call completes. Provider retention subject to provider DPA (typically 0–30 days for API usage). |
Results written to TribeCRM (notes, enriched fields) | TribeCRM (your environment) | Governed by your standard TribeCRM data retention settings |
9. GDPR & Compliance
Legal basis: Processing of personal data by AI agents is performed under the same legal basis as your existing TribeCRM usage (legitimate interests or contract performance, depending on your configuration). Enabling a feature does not create a new legal basis — agents operate within the scope of your existing GDPR posture.
Data Processing Agreement: TribeCRM acts as a data processor on your behalf. The Insider Program is covered by the existing TribeCRM DPA. Sub-processor DPAs are maintained with Anthropic, Google, and Microsoft.
No model training: Customer data is never used to train any AI model. All LLM providers are configured via API with model training opted out. This is contractually enforced through each provider's DPA.
Data subject rights: Any personal data written into TribeCRM by an agent (e.g. enriched contact records) is subject to your standard data subject rights processes within TribeCRM (access, rectification, erasure).
10. Customer Controls
Control | How to Exercise It |
Enable a feature | Toggle on in Configuration → Insider Program |
Disable a feature | Toggle off in Configuration → Insider Program — agent activity stops immediately |
Review agent actions | Notifications in TribeCRM and periodic email reports |
Approve / reject HITL decisions | Via notification email link or in-app prompt (for applicable features) |
Request data deletion | Contact your Account Manager or [email protected] |
Request sub-processor list update | Contact [email protected] — updates are published in this article |
Exit the program entirely | Disable all features — no data processing occurs when no features are active |
For questions about this document, contact your Account Manager or reach out to [email protected].