Hero highlight: AI capabilities

TeamViewer AI security, privacy, and customer control

Learn how TeamViewer AI handles data, applies safeguards, and keeps customers in control across TeamViewer platforms.

Analyse data with Tia

Security and data-handling at a glance

  • Tia is strictly read-only: it cannot take actions on devices; it only retrieves defined, clearly constrained data points and user-triggered screenshots.
  • TeamViewer protects data with client-side encryption and HSM-protected key handling with audited operations.
  • Data is encrypted in transit (HTTPS/TLS) and at rest (AES-256).
  • Admins control rollout and access via settings, permissions, and policies.
  • EU-27 data storage on Microsoft Azure.

Shared security principles across TeamViewer AI

TeamViewer AI capabilities follow shared security and data-handling principles, implemented through product-specific platform services.

  • Customer control

    Admins control rollout, access, permissions, and feature availability through platform-specific settings, policies, and role-based controls. 

  • Data minimization and privacy

    AI workflows are designed to process only the data needed for the specific capability, with privacy protections such as anonymization applied where applicable. 

  • Secure processing and storage

    Data is protected through encryption in transit and at rest, supported by controlled key management and secure processing boundaries.

  • Controlled use of AI services

    Third-party AI services are used in a controlled manner under defined conditions documented in the Trust Center.

Security guidance for each TeamViewer AI environment

TeamViewer AI is delivered across multiple product environments. For detailed security information, refer to the relevant platform-specific documentation below.

TeamViewer Remote, Tensor, and ONE

Security and data-handling information for TeamViewer AI workflows across documentation, troubleshooting, and scripting in TeamViewer Remote, Tensor, and TeamViewer ONE.

AI data handling at a glance

Compare the purpose, data inputs, outputs, and governance controls of each AI feature.

Session documentation

(Session Insights)

In-session troubleshooting

(Tia)

AI-assisted scripting

(Session Insights and Tia)

Definition

Automated capture of support session actions, outcomes, and summaries through Session Insights.

Guided in-session assistance based on controlled inputs, permissions, and read-only diagnostic information through Tia.

Faster script creation with review and permission-controlled execution.

What it does

Creates structured session summaries and action steps.

Guides troubleshooting during a live session.

Helps draft automation scripts faster, including from past Session Insights.

Inputs

Session interactions captured during the remote session, with on-device anonymization.

Technical device data snapshot, user-triggered screenshots, in-session conversation context, and permission-based Session Insights.

User prompts and optional Session Insights context.

Outputs

Session summary, action steps, and labels.

Recommendations and guided steps.

Script drafts stored for review.

Key controls

Admin rollout, user permissions, policies.

Strictly read-only design, defined technical data scope, admin permissions, and policy-based access boundaries.

Remote Scripting permissions.

How each AI feature handles data

See how data is processed, protected, and controlled within each AI feature.

Session Insights

Session documentation

Session documentation protected with client-side encryption
 
  • Session data is anonymized on the client before leaving the endpoint (rule-based masking).
  • Session data is protected using client-side encryption (CSE).
  • The public key is obtained over HTTPS, and the private key is protected and unwrapped in a certified HSM with audited operations.
  • Additional anonymization is applied through cloud-based services (non-public details available under NDA).
  • Data is encrypted in transit (HTTPS/TLS) and at rest (AES-256).

Policy-controlled session summaries, protected end to end with anonymization and encryption.
(Click image to enlarge)

Tia

In-session troubleshooting

Tia is strictly read-only by design
 

  • Tia is strictly read-only. It cannot execute code, install software, or modify systems.
  • At the start of the session, Tia receives a limited technical device data snapshot to support troubleshooting.
  • Screenshots are only retrieved when explicitly triggered by the user.
  • Tia can also use in-session conversation context and permission-based Session Insights visibility.
  • Tia does not collect user content, personal documents, communication data, keystrokes, or activity data.

Tia's approach to troubleshooting is focused on the technical system data, not on user content or personal activity.
(Click image to enlarge)

Session Insights and Tia

AI-assisted scripting

Scripts are drafted faster, execution stays permission-controlled
 

  • AI helps generate script drafts from prompts and optionally from prior Session Insights.
  • Scripts are stored in the tenant cloud Script Database for review and reuse.
  • Execution is not performed by Tia—scripts are run by authorized users through Remote Scripting.
  • Access is governed by Remote Scripting and Session Insights permissions.

Script drafts are generated, stored, and executed through permission-controlled workflows.
(Click image to enlarge)

Frequently asked questions

Administrators control AI rollout and access through settings, permissions, and policies. Data collected and processed depends on the AI workflow:

  • Session Insights (documentation): Captures session interactions needed to generate summaries and action steps, with anonymization applied before broader processing.
  • Tia (troubleshooting): Uses a limited technical device data snapshot taken at session start, screenshots taken only when explicitly triggered by the user, Tia conversation history, and permission-based Session Insights. It does not collect user content, personal documents, communication data, keystrokes, or activity data.
  • AI-assisted scripting: Uses user prompts and optional context from prior Session Insights to generate script drafts.

Session data is first captured and anonymized on the TeamViewer client using a rule‑based anonymization layer. Sensitive elements (including emails, URLs, passwords, credit card numbers, and IPs) are removed before leaving the endpoint. Additional anonymization occurs in cloud‑based services.

Yes. TeamViewer uses third-party LLM services (Azure OpenAI and Google Gemini) under defined conditions to deliver AI outputs. For Session Insights, data is anonymized before broader processing, and the workflow uses encrypted transport (HTTPS/TLS).

Yes.

  • In transit: Data is encrypted using HTTPS (TLS) between TeamViewer clients, TeamViewer cloud services, cloud storage, and AI services (as shown in the Session Insights architecture).
  • At rest: Cloud storage uses industry-standard AES-256 encryption (as stated).
  • Additional protection: Session Insights and Tia data is protected by client-side encryption (CSE).  

Session Insights and Tia use a public key obtained by the client over HTTPS. The corresponding private key is stored in encrypted form and additionally safeguarded by a key held in a certified Hardware Security Module (HSM). Before use, the private key is securely unwrapped within the HSM, and all HSM operations are fully audited.

  • Session Insights: Outputs (summaries/action steps) are stored in the tenant cloud and access is governed by user permissions via Admin Settings.
  • AI-assisted scripting: Generated scripts are stored in the tenant cloud Script Database for review, reuse, and controlled execution.  

We store tenant data for the duration of your contract, unless you choose to delete it beforehand. Customers can delete stored AI-related artifacts, such as Session Insights and scripts, in bulk at any time via administrative controls.

Upon termination of the contract, customers can export or extract their data in accordance with applicable requirements, including the EU Data Act where relevant. After termination, TeamViewer will handle remaining data according to the agreed retention and deletion process, subject to applicable legal and contractual retention requirements.

Data is anonymized on-device before broader processing and undergoes additional anonymization in cloud-based systems. Before and after cloud-based processing services are used, data remains handled in encrypted form. Any decrypted processing is limited to what is technically necessary to generate the requested output, and data is not retained in decrypted form beyond service delivery.

No. TeamViewer does not use customer data to train AI models. If we ever consider using fully anonymized data to train our AI models, this would only be done with strict safeguards, clear transparency, and updates to our documentation and applicable terms before any change takes effect.

Any such change would be reflected in our documentation and applicable terms.

TeamViewer DEX and ONE Enterprise

Security and data-handling information for TeamViewer AI workflows across insights, automation, and reporting in TeamViewer DEX and ONE Enterprise.

AI data handling at a glance

Compare the purpose, data inputs, outputs, and governance controls of each AI workflow.

DEX Insights
DEX Hub

(Tia Scripting)

Tia Reporting

Definition

AI-driven trend detection, root-cause analysis, and actionable recommendations based on real-time DEX analytics.

A SCALE-powered hub of proven automations and AI-generated scripts, available to run via DEX, APIs, and self-service according to configured permissions.

AI-powered reporting that turns natural-language questions into real-time visual reports and dashboards based on DEX data.

What it does

Detects trends, supports root-cause analysis, and generates actionable recommendations based on DEX analytics.

Helps create, store, and reuse automation content, including proven automations and AI-generated script drafts.

Turns natural-language questions into real-time visual reports and dashboards based on DEX data.

Inputs

Device-level experience signals from endpoints and connected systems, including performance, reliability, responsiveness, and failure signals.

User prompts, automation instructions, scripts, packs, and customer-created automation content.

Tenant-scoped DEX datasets, governed data models, and natural-language user queries.

Outputs

Human-readable insights, evidence, recommendations, and role-based dashboards or integrations.

Script drafts, reusable automations, and automation content stored for review, reuse, and governed execution.

Visual reports, dashboards, and analytics outputs embedded in the DEX reporting experience.

Key controls

Role-based access, tenant-based privacy processing before LLM-powered insight generation, encrypted pipelines, and tenant-protected storage.

Role-based permissions, Solutions Core access, script review, signing/approval, execution tracking, and tenant cloud storage.

RBAC for feature access, ABAC for data-level filtering, tenant-specific schemas, scoped session tokens, and tenant isolation.

How each AI workflow handles data

Follow how data is processed, protected, and controlled throughout each AI workflow.

DEX Insights

  • Device-level experience signals are collected from endpoints and connected systems, including performance, reliability, responsiveness, and failure signals.
  • Signals are securely ingested through authenticated and encrypted pipelines.
  • Data is normalized and enriched with context before insight generation.
  • Tenant-based privacy processing, including anonymization where applicable, is applied before data is passed to LLM-powered insight generation.
  • Insights are stored in the platform datastore and surfaced through role-based views, dashboards, and integrations.
  • Data is protected in transit and at rest, with platform-specific security and access controls.
     

(Click image to enlarge)

DEX Hub

  • Access to DEX Hub and the Tia Script Builder is governed through admin settings and role-based permissions.
  • Users require the DEX Solutions role to access script generation and automation library capabilities.
  • AI can generate script drafts, but scripts are stored for review, reuse, and management before execution.
  • Automation content is stored in the tenant cloud and managed through the DEX Library, Script Database, and Script Dashboard.
  • Scripts and automations can be run through DEX, APIs, and self-service experiences according to configured permissions and workflows.
  • Signing, approval, and execution tracking support governance, traceability, and auditability.

(Click image to enlarge)

Tia Reporting

  • Reporting uses tenant-scoped DEX data models and governed reporting access.
  • Access is enforced through RBAC for feature access and ABAC for data-level filtering.
  • Tenant-specific schemas, filtered views, and scoped session tokens help ensure users only access data they are authorized to see.
  • Natural-language questions are translated into reporting queries through LLM-assisted processing.
  • Results are returned as visual reports and dashboards within the embedded DEX reporting experience.
  • Reporting data is protected through tenant isolation, controlled access, and platform-specific encryption and security controls.

(Click image to enlarge)

Frequently asked questions

DEX Intelligence Insights processes device-level experience signals collected from endpoints and integrated systems. This includes telemetry related to performance, reliability, responsiveness, and failures across devices, operating systems, applications, and networks. These signals are normalized and enriched with contextual metadata before being analyzed to generate insights.

DEX Intelligence Insights uses authenticated and encrypted pipelines for data ingestion and processing. Prior to interact with LLM-powered components, data is subject to tenant-level minimisation and anonymization measures. Insights are stored in the platform and accessed through role-based controls and integrations.

No. Customer data processed by TeamViewer DEX AI features is not used to train TeamViewer AI models.

Data processed solely for the purpose of delivering the requested functionality, such as generating insights, script drafts, or reporting outputs, and is handled within the controls described in this document.

TeamViewer does not use customer data to build or contribute to shared or cross-customer AI models.

No. Data is not sent to LLM services in raw form. Prior to any AI processing, data undergoes tenant-level minimization and anonymisation measures to reduce exposure of sensitive or identifiable information.

Access to DEX Intelligence Insights is governed through role-based access controls (RBAC). Permissions define which user can view dashboards, analytics outputs, and insights based on their roles and responsibilities.

Access to DEX Hub and the Tia Script Builder is governed through admin settings and role-based permissions. Users require the Solutions Core role to access these capabilities.

DEX Hub provides a central place to create, store, and reuse automations. It includes an AI-powered code builder that translates plain-language requests into script drafts, and a shared library where automations, scripts, and packs can be stored and managed.

DEX Hub stores automation content in the tenant-scoped cloud storage, including:

  • default scripts provided by TeamViewer
  • customer-created scripts generated through the code builder
  • reusable packs and automation components

This content is managed through the DEX Library, Script Database, and Script Dashboard.

No. DEX Hub can generate script drafts but does not execute them automatically. Access and execution are governed through role-based controls and automation workflows. 

TeamViewer DEX AI data is stored in Microsoft Azure regions (EU-27, UK, US and CA). Processing and analytics are performed using Azure-hosted services, including Databricks, withing TeamViewer-managed environments.

Data is encrypted in transit and at rest using industry-standard mechanisms (e.g., TLS for data in transit and AES‑256 for data at rest). In addition, DEX Intelligence Insights uses authenticated and encrypted pipelines for ingestion and processing.

TeamViewer DEX AI uses LLM services hosted by Azure OpenAI under Microsoft’s published terms and documentation. These services operate in declared regions ( EU-27, UK,US and CA) and are integrated in accordance with TeamViewer’s data protection and security standards.

A shared data platform is logically segmented using tenant-specific schemas and filtered views. Access is controlled via dedicated service principals. For reporting, access is enforced through RBAC for feature access and ABAC for data-level filtering, with scoped session tokens for secure, tenant-specific access. 

TeamViewer DEX AI includes end-to-end traceability capabilities, including AI & human decision tracking, signing & execution tracking, and an immutable audit log to support compliance reviews, security audits, and oversight.

TeamViewer DEX AI Services are regulated by the AI specific terms set out in Section B.7 of the End User License Agreement (EULA) (here). AI features may include third party AI models or technologies and its usage is subject to their terms in the then-current version available at AI-terms.

Furthermore, the use of the TeamViewer DEX AI Services must comply with the Acceptable Use Policy provided at the same link.