Done-for-you offer · Fractional CMO with AI Swarm · lead-scoring-routing 4-skill bundle · lead-scoring-routing agent
Per-location behavioral enrichment with BANT + firmographic for multi-location retail, multi-unit franchise, multi- location service brand, DTC ecommerce, B2B SaaS, and PE- sponsored portfolio operators — Enrich + Score + Verify + Attest 4-skill bundle on the lead-scoring-routing agent, under a 5-anchor compliance overlay anchored on per-vendor data licensing + scraping legal (hiQ + Meta v Bright Data + DMCA + CFAA), per-source consent provenance + FTC 2024 enforcement wave (X-Mode + Mobilewalla + Avast + Cerebral + MA AG v X-Mode + sensitive-data restrictions) + GDPR + per-state-comprehensive-privacy patchwork, Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC + Mobley v Workday + ADA, NIST AI RMF + EU AI Act Article 9-15 + Article 14 + Article 50 + per-vendor LLM zero-retention + DTSA, and privacy + GDPR Article 22 + DSA + COPPA + AADC + per-platform data-use
You enrich per-location leads with firmographic + technographic + intent + behavioral signals + score with BANT (Budget + Authority + Need + Timing) + ICP-fit + per- vertical-class intent across 30-100 enrichment + behavioral + identity-resolution data sources × per-vendor license posture + per-source consent provenance variations. Scraping legal landscape — hiQ Labs Inc v LinkedIn Corp (9th Cir 2022) narrowing CFAA 18 USC 1030 application for publicly accessible scraping + Meta Platforms Inc v Bright Data Ltd (ND Cal January 2024) reinforcing ToS-based liability for logged-in scraping + DMCA Section 1201 + Van Buren v United States (594 U.S. 374, 2021) + state computer-crime laws (California Penal Code 502 + Texas Penal Code 33 + Florida Computer Crimes Act) — governs per-vendor scraping posture. FTC 2024 enforcement wave — FTC v X-Mode/Outlogic (January 2024) + FTC v Mobilewalla (December 2024) + FTC v Avast (February 2024 with $16.5 million penalty) + FTC v Cerebral (2024) + Massachusetts AG v X-Mode (2024) — established direct operator exposure for downstream use of data from vendors with broken consent provenance + sensitive-data restrictions (healthcare + places of worship + schools + addiction- treatment + reproductive-health facilities). GDPR Article 28 processor + Article 26 joint controller + Article 32 security + Article 35 DPIA + per-state-comprehensive- privacy patchwork (CCPA + Texas DPSA + Virginia CDPA + Connecticut CTDPA + Colorado CPA + Utah CPA + Oregon + Tennessee + Maryland Online Data Privacy Act + Washington MHMDA + 19+ state laws) apply. Fair Housing Act 42 USC 3604 + ECOA 15 USC 1691 + HUD Final Rule + Meta Special Ad Categories + Google Housing Employment Credit + Colorado AI Act SB 24-205 (effective February 1, 2026) + NYC Local Law 144 (effective July 5, 2023) + EEOC algorithmic discrimination + EEOC v Workday + Mobley v Workday class certification 2024 + EEOC 4/5ths rule + ADA Title III apply when BANT scoring drives covered-category decisions. NIST AI RMF + ISO 42001 + EU AI Act (Regulation 2024/1689) Article 9-15 high-risk requirements + Article 14 human oversight + Article 50 + per-vendor LLM zero-retention + DTSA apply broadly. CCPA + GDPR Article 22 + DSA + COPPA + AADC + cookie consent + per-platform data-use apply broadly. The lead enrichment, behavioral data, firmographic, identity resolution, CDP, CRM, and LLM vendors below ship strong primitives. The orchestration above them is operator-side architecture. You keep all subscriptions, posture libraries, consent-provenance register, sub- processor chain, and audit trail. You keep the ability to in-house at any time.
Published September 24, 2026
The real ecosystem this sits above
Lead enrichment + firmographic + behavioral data + identity resolution
Lead enrichment + firmographic: ZoomInfo, Clearbit, 6sense, Demandbase, LinkedIn Sales Navigator, Apollo.io, Lusha, Cognism, Datanyze, Diffbot. Identity resolution: LiveRamp, Acxiom, Neustar, Experian, Equifax, TransUnion. Behavioral data: Amplitude, Mixpanel, Heap, PostHog, Snowplow, RudderStack. Each ships strong primitives. Per-vendor scraping-posture register + per- vendor sub-processor attestation chain + per-vendor consent-provenance attestation register above them is operator-side architecture.
CDP + CRM + LLM
CDP: Segment, mParticle, Tealium, Treasure Data, ActionIQ, Lytics, Twilio Engage, Zeotap, BlueConic. CRM: Salesforce, HubSpot, Pipedrive, Microsoft Dynamics, Zoho, Close, Insightly, Copper, Keap, ActiveCampaign. LLM: OpenAI + ChatGPT Enterprise, Anthropic Claude + Claude for Work, Google Gemini + Vertex AI, Microsoft Copilot + Azure OpenAI, AWS Bedrock. Each ships strong primitives. Per-scoring- class Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC posture + EU AI Act Article 9-15 + Article 14 human oversight + Article 50 marking + per-vendor LLM zero-retention above them is operator-side architecture.
Policy-as-code + WORM + legal research
Policy-as-code: OPA Rego, AWS Cedar, Casbin, Cerbos, Oso. WORM: AWS S3 Object Lock, GCS retention, Azure Blob immutable, Snowflake Time Travel. Legal: Westlaw, Lexis+, Bloomberg Law, Practical Law. Each ships strong primitives. The 5-anchor compliance gate is operator-side architecture.
Frequently asked
What does per-location behavioral enrichment with BANT + firmographic deliver, and how does the 4-skill bundle decompose?
An orchestration layer above the operator lead enrichment + behavioral data + firmographic + identity resolution + CDP + CRM + LLM + policy-as-code + WORM-storage stack that enriches per-lead with firmographic + technographic + behavioral signals + scores per-lead with BANT (Budget + Authority + Need + Timing) + ICP-fit + intent across 50-1,500 locations × per-vertical × per-jurisdiction — under operator-counsel-and-AI-governance-team-approved per-vendor licensing + scraping legal landscape + FTC 2024 enforcement wave + GDPR + state-comprehensive-privacy + Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC + NIST AI RMF + EU AI Act + privacy + per-platform data-use gates. Skill 1 — Enrich: enrich per-lead through operator lead enrichment (ZoomInfo + Clearbit + 6sense + Demandbase + LinkedIn Sales Navigator + Apollo.io + Lusha + Cognism + Datanyze + Diffbot — operator chooses) with firmographic + technographic + intent + per-vertical-class signals + operator identity resolution (LiveRamp + Acxiom + Neustar + Experian + Equifax + TransUnion — operator chooses) + operator behavioral data (Amplitude + Mixpanel + Heap + PostHog + Snowplow + RudderStack — operator chooses) under operator-counsel-approved per-vendor license + per-aggregator data-redistribution + per-vendor sub-processor under GDPR Article 28 + per-vendor reverse-engineering prohibitions + scraping legal landscape (hiQ Labs Inc v LinkedIn Corp 9th Cir 2022 narrowing CFAA for public scraping + Meta Platforms Inc v Bright Data Ltd ND Cal January 2024 reinforcing ToS-based liability for logged-in scraping + DMCA Section 1201 + CFAA 18 USC 1030 + Van Buren v United States 594 U.S. 374 2021 narrowing CFAA + state computer-crime laws California Penal Code 502 + Texas Penal Code 33 + Florida Computer Crimes Act). Skill 2 — Score: score per-lead BANT (Budget + Authority + Need + Timing) + ICP-fit + per-vertical-class intent + per-location-fit + per-channel-engagement using operator-chosen LLM (OpenAI + Anthropic + Google + Microsoft + AWS Bedrock — operator chooses) within operator-counsel-and-AI-governance-team-approved per-lead-class scope. Score enforces operator-counsel-approved Fair Housing + ECOA + Meta SCA + Google HEC + Colorado AI Act + NYC LL144 + EEOC posture when BANT scoring drives covered-category decisions (employment + housing + insurance + financial services + legal services + healthcare + government services + education). Skill 3 — Verify: verify per-source consent provenance per FTC 2024 enforcement wave (FTC v X-Mode/Outlogic January 2024 + FTC v Mobilewalla December 2024 + FTC v Avast February 2024 $16.5M penalty + FTC v Cerebral 2024 + Massachusetts AG v X-Mode 2024) — operators using behavioral + location + browsing data from vendors with broken consent provenance face direct enforcement exposure regardless of upstream vendor obligations + sensitive-data restrictions per X-Mode settlement (visits to healthcare facilities + places of worship + schools + addiction-treatment + reproductive-health facilities) + per-state-comprehensive-privacy patchwork (CCPA + Texas DPSA + Virginia CDPA + Connecticut CTDPA + Colorado CPA + Utah CPA + Oregon + Tennessee + Maryland Online Data Privacy Act + Washington MHMDA + 19+ state laws) + GDPR Article 28 processor + Article 35 DPIA + ePrivacy when EU recipients. Verify enforces operator-counsel-approved per-vendor sub-processor attestation chain. Skill 4 — Attest: emit per-lead per-score per-vendor attestation (per-vendor license posture + per-vendor sub-processor + per-source consent provenance + FTC 2024 enforcement-wave posture + sensitive-data exclusion + GDPR Article 28 + per-state-comprehensive-privacy posture + Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC covered-category posture + per-vertical product-claim posture + EU AI Act Article 50 marking when AI-generated score + per-vendor LLM zero-retention + DTSA register + counsel-policy-version + AI-governance-policy-version) to the operator WORM audit trail.
Where does single-vendor lead enrichment tooling stop compounding for per-location behavioral enrichment at AI-swarm scale?
Single-vendor lead enrichment is solved. ZoomInfo + Clearbit + 6sense + Demandbase + LinkedIn Sales Navigator + Apollo.io + Lusha + Cognism + Datanyze + Diffbot ship strong managed lead enrichment. LiveRamp + Acxiom + Neustar + Experian + Equifax + TransUnion ship strong identity resolution. Segment + mParticle + Tealium + Treasure Data + ActionIQ + Lytics + Twilio Engage + Zeotap + BlueConic ship strong CDP. Amplitude + Mixpanel + Heap + PostHog + Snowplow + RudderStack ship strong behavioral data. Salesforce + HubSpot + Pipedrive + Microsoft Dynamics + Zoho + Close + Insightly + Copper + Keap + ActiveCampaign ship strong CRM. The compound case the lead-scoring-routing agent has to handle is the one where (a) operator runs continuous per-location lead enrichment across 30-100 enrichment + behavioral + identity-resolution data sources × per-vendor license posture variations + per-source consent provenance variations, (b) scraping legal landscape continues to evolve — hiQ Labs Inc v LinkedIn Corp (9th Cir 2022) narrowing CFAA for public scraping while leaving contract claims viable + Meta Platforms Inc v Bright Data Ltd (ND Cal January 2024) reinforcing ToS-based liability for logged-in scraping + DMCA Section 1201 + CFAA 18 USC 1030 + Van Buren v United States (594 U.S. 374, 2021) + state computer-crime laws — per-vendor enrichment vendor licensing distinguishes vendors with direct partner relationships from vendors that rely on scraping, (c) FTC 2024 enforcement wave compounds — FTC v X-Mode Social and Outlogic (January 2024) + FTC v Mobilewalla (December 2024) + FTC v Avast (February 2024 $16.5M penalty) + FTC v Cerebral (2024) + Massachusetts AG v X-Mode (2024) established direct operator exposure for downstream use of data from vendors with broken consent provenance + sensitive-data restrictions (healthcare facilities + places of worship + schools + addiction-treatment + reproductive-health), (d) GDPR Article 28 processor obligations with every enrichment vendor processing EU-resident data + Article 26 joint controller + Article 32 security + Article 35 DPIA when high-risk profiling + per-state-comprehensive-privacy patchwork (CCPA + Texas DPSA + Virginia CDPA + Connecticut CTDPA + Colorado CPA + Utah CPA + Oregon + Tennessee + Maryland Online Data Privacy Act + Washington MHMDA + 19+ state laws), (e) Fair Housing Act 42 USC 3604 + ECOA 15 USC 1691 + HUD Final Rule + Meta Special Ad Categories + Google Housing Employment Credit policy + Colorado AI Act SB 24-205 (effective February 1, 2026) + NYC Local Law 144 (effective July 5, 2023) + EEOC algorithmic discrimination + EEOC v Workday + Mobley v Workday class certification 2024 + EEOC 4/5ths rule + ADA Title III apply when BANT scoring drives consequential decisions in covered categories — AI-driven scoring can amplify algorithmic discrimination exposure, (f) NIST AI RMF + ISO 42001 + EU AI Act (Regulation 2024/1689) Article 9-15 high-risk requirements when scoring drives consequential decisions + Article 13 + Article 14 human oversight modalities + Article 26 deployer + Article 50 generative-content marking when AI-generated apply, (g) per-vendor LLM zero-retention attestation chain when AI generates scores apply, (h) DTSA 18 USC 1836 + state UTSA when behavioral-enrichment model + features + weights constitute operator trade-secret, (i) privacy + GDPR Article 22 automated individual decision-making + DSA + COPPA + AADC + cookie consent + per-platform data-use (Meta CAPI/AEM/Limited Data Use + Google Enhanced Conversions/RDP + Apple SKAdNetwork/AdAttributionKit/Privacy Manifests + iOS 14.5 ATT + Google Privacy Sandbox + LiveRamp DPAs) apply broadly. Without an orchestration layer above the lead enrichment + behavioral data + firmographic + identity resolution + CDP + CRM vendors, scraping legal exposure compounds under hiQ + Meta v Bright Data progeny, FTC 2024 enforcement wave exposure compounds when downstream operator use lacks per-vendor consent-provenance attestation, GDPR + per-state-comprehensive-privacy posture fragments, Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC exposure compounds when BANT drives covered-category decisions, EU AI Act Article 9-15 high-risk + Article 14 human oversight fragments, per-vendor LLM zero-retention fragments, DTSA exposure compounds. The orchestration above the vendors is what holds the cross-vendor + cross-vertical + cross-jurisdiction invariants.
How does Skill 3 Verify handle FTC 2024 enforcement wave (X-Mode/Outlogic + Mobilewalla + Avast + Cerebral + MA AG v X-Mode) + GDPR Article 28 + per-state-comprehensive-privacy?
Per-source consent-provenance posture is operator-counsel-approved per-vendor under the 2024 FTC enforcement landscape. FTC v X-Mode Social and Outlogic (January 2024) settled with prohibitions on sale and use of sensitive location data + restrictions on raw-location-data use. FTC v Mobilewalla (December 2024) settled with restrictions on location-data acquisition and use. FTC v Avast (February 2024) settled with $16.5 million penalty for misrepresenting browsing data privacy. FTC v Cerebral (2024) settled with restrictions on telehealth data sharing. Massachusetts AG v X-Mode (2024) reinforced state-AG scrutiny. The enforcement wave establishes that operators using location data + behavioral data + browsing data from vendors with broken consent provenance face direct operator enforcement exposure regardless of upstream vendor obligations — operator-counsel-approved per-vendor consent-provenance attestation is required. Verify enforces per-vendor consent-provenance attestation. Operator counsel reviews each data-source vendor and assigns the vendor an operator-counsel-approved posture (cleared at current attestation level + cleared with restrictions + paused pending re-attestation + prohibited). Per-vendor consent provenance includes (a) chain of consent from original consumer through any intermediaries to the operator’s licensed dataset, (b) per-jurisdiction consent class (CCPA + state-comprehensive-privacy + GDPR + ePrivacy + Maryland Online Data Privacy Act + Washington MHMDA), (c) per-vendor data-license terms governing operator-side use, (d) sensitive-data restrictions (visits to healthcare facilities + places of worship + schools + addiction-treatment + reproductive-health facilities) per FTC X-Mode settlement and progeny. The orchestration excludes sensitive data unless operator counsel has specifically cleared the use case. GDPR Article 28 processor obligations + Article 26 joint controller + Article 32 security + Article 35 DPIA when high-risk profiling. Per-state-comprehensive-privacy patchwork (CCPA + Texas DPSA + Virginia CDPA + Connecticut CTDPA + Colorado CPA + Utah CPA + Oregon + Tennessee + Maryland Online Data Privacy Act + Washington MHMDA + 19+ state laws). Per-vendor consent-provenance + FTC 2024 enforcement-wave + sensitive-data exclusion + GDPR Article 28 + per-state-comprehensive-privacy attestation writes to WORM audit trail.
How does Skill 2 Score handle Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC + Mobley v Workday + ADA when BANT scoring drives covered-category decisions?
Covered-category posture is operator-counsel-and-AI-governance-team-approved per-scoring-class. Fair Housing Act 42 USC 3604 prohibits discrimination in housing-related advertising. ECOA 15 USC 1691 prohibits discrimination in credit-related advertising. HUD Final Rule (2020 + subsequent amendments) governs disparate-impact analysis. Meta Special Ad Categories (Housing + Employment + Credit + Politics) restrict audience targeting. Google Housing, Employment, Credit policy similarly restricts. Colorado AI Act SB 24-205 (effective February 1, 2026) governs high-risk AI systems making consequential decisions in employment + housing + insurance + financial services + legal services + healthcare + government services + education. NYC Local Law 144 (effective July 5, 2023) requires bias audits for automated employment decision tools. EEOC algorithmic discrimination guidance + EEOC v Workday + Mobley v Workday class certification 2024 + EEOC 4/5ths rule. ADA Title III when AI-driven scoring denies service. Per-state employment-discrimination + per-state UDAP. Score enforces per-scoring-class covered-category posture (not in covered category + in covered category with Meta SCA + Google HEC + Colorado AI Act + NYC LL144 + EEOC posture applied + per-Colorado AI Act risk-management + algorithmic-discrimination prevention + impact assessment + consumer notice + right-to-explanation + AG-cooperation framework + per-NYC LL144 annual bias audit + audit summary publication + candidate notice + per-EEOC 4/5ths rule adverse-impact analysis + EU AI Act Article 14 human oversight modalities applied + paused pending counsel review + prohibited from AI-driven scoring). When BANT scoring drives covered-category decisions, Score routes through operator-counsel-approved human oversight modalities. Per-scoring-class covered-category posture + Colorado AI Act impact-assessment + NYC LL144 bias-audit + EEOC 4/5ths analysis + ADA Title III posture attestation writes to WORM audit trail with rule-citation evidence + counsel-policy-version + AI-governance-policy-version.
What compliance does the orchestration enforce, and how does it map to per-vendor data licensing + scraping legal + FTC 2024 + Fair Housing + EEOC + NIST AI RMF + EU AI Act + privacy?
Five anchors. Anchor 1 — Per-vendor data licensing + per-aggregator data-redistribution + per-vendor sub-processor + scraping legal landscape. Per-vendor data licensing terms + per-aggregator data-redistribution restrictions + per-vendor confidentiality + per-vendor security attestation + per-vendor sub-processor under GDPR Article 28 + per-vendor reverse-engineering prohibitions + hiQ Labs Inc v LinkedIn Corp (9th Cir 2022) + Meta Platforms Inc v Bright Data Ltd (ND Cal January 2024) + DMCA Section 1201 + CFAA 18 USC 1030 + Van Buren v United States (594 U.S. 374, 2021) + state computer-crime laws. Anchor 2 — Per-source consent provenance + FTC 2024 enforcement wave + GDPR + state-comprehensive-privacy. FTC v X-Mode/Outlogic (January 2024) + FTC v Mobilewalla (December 2024) + FTC v Avast (February 2024 $16.5M) + FTC v Cerebral (2024) + Massachusetts AG v X-Mode (2024) + sensitive-data restrictions (healthcare + places of worship + schools + addiction-treatment + reproductive-health facilities) + GDPR Article 28 processor + Article 26 joint controller + Article 32 security + Article 35 DPIA + per-state-comprehensive-privacy patchwork (CCPA + Texas DPSA + Virginia CDPA + Connecticut CTDPA + Colorado CPA + Utah CPA + Oregon + Tennessee + Maryland Online Data Privacy Act + Washington MHMDA + 19+ state laws). Anchor 3 — Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC + ADA. Fair Housing Act 42 USC 3604 + ECOA 15 USC 1691 + HUD Final Rule + Meta Special Ad Categories + Google Housing Employment Credit policy + Colorado AI Act SB 24-205 (effective February 1, 2026) + NYC Local Law 144 (effective July 5, 2023) + EEOC algorithmic discrimination guidance + EEOC v Workday + Mobley v Workday class certification 2024 + EEOC 4/5ths rule + ADA Title III + per-state employment-discrimination + per-state UDAP. Anchor 4 — NIST AI RMF + ISO 42001 + EU AI Act Article 9-15 + Article 13/14/50 + per-vendor LLM zero-retention + DTSA. NIST AI RMF (NIST AI 100-1) Map + Measure + Manage + ISO/IEC 42001 Clause 8 + EU AI Act (Regulation 2024/1689) Article 9-15 high-risk requirements when behavioral enrichment + BANT scoring drives consequential decisions + Article 13 + Article 14 human oversight modalities + Article 26 + Article 50 generative-content marking + per-vendor LLM zero-retention attestation chain + DTSA 18 USC 1836 + state UTSA when behavioral-enrichment model constitutes trade-secret. Anchor 5 — Privacy + per-platform data-use + DSA + COPPA + AADC + cookie consent. CCPA Section 1798.140(ae) cross-context + state-comprehensive-privacy + GDPR Article 22 automated individual decision-making + Article 28 + Article 35 DPIA + ePrivacy + UK GDPR + UK PECR + EU DSA Article 16 + Article 28 + COPPA + AADC + cookie consent (per-platform CMP + per-state consent + IAB TCF v2) + per-platform data-use (Meta CAPI + Google Enhanced Conversions + Apple SKAdNetwork + LiveRamp). Broader gate enforced via policy-as-code. WORM audit trail with per-statute retention per operator counsel policy.
What does the engagement look like across Tier 1 → Tier 2 → Tier 3, and what does the Tier 3 reporting cycle commit to?
Tier 1 AI Readiness Assessment (2-3 weeks): audits the operator current per-location behavioral enrichment + BANT + firmographic posture; gap-pack identifies which per-vendor enrichment lacks operator-counsel-approved scraping-posture under hiQ + Meta v Bright Data + DMCA + CFAA + Van Buren + state computer-crime laws, which lacks per-vendor sub-processor + per-vendor consent-provenance attestation under FTC 2024 enforcement wave, which lacks sensitive-data exclusion, which lacks GDPR Article 28 + Article 35 DPIA + per-state-comprehensive-privacy posture, which BANT scoring lacks Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC + Mobley v Workday + ADA covered-category posture, which lacks NIST AI RMF + ISO 42001 + EU AI Act Article 9-15 + Article 14 wiring, which lacks per-vendor LLM zero-retention attestation chain, which lacks DTSA + state UTSA register, whether CCPA + GDPR Article 22 + DSA + COPPA + AADC + cookie consent + per-platform data-use is wired. Tier 2 AI Swarm Setup Sprint (4-8 weeks): builds the 4-skill bundle on the lead-scoring-routing agent, wires lead enrichment + behavioral data + firmographic + identity resolution + CDP + CRM + LLM + policy-as-code + WORM-storage (operator-chosen subset), configures the operator-counsel-and-AI-governance-team-approved per-vendor scraping-posture register + per-vendor sub-processor attestation chain + per-vendor consent-provenance attestation register + sensitive-data exclusion + GDPR Article 28 + Article 35 DPIA + per-state-comprehensive-privacy + per-scoring-class Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC + ADA posture + NIST AI RMF + ISO 42001 + EU AI Act Article 9-15 + Article 13/14/50 + per-vendor LLM zero-retention attestation chain + DTSA register + CCPA + GDPR Article 22 + DSA + COPPA + AADC + cookie consent + per-platform data-use, runs 30-day shadow + canary with Score in audit-only before flipping to enforce-mode. Tier 3 Fractional CMO with AI Swarm (6-month minimum): continues with continuous Enrich + Score + Verify + Attest. Tier 3 reporting is a 6-workstream pre-engagement-baseline reporting cycle (per-vendor scraping + per-vendor sub-processor freshness + per-vendor consent-provenance + FTC 2024 enforcement-wave posture freshness + Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC posture freshness + NIST AI RMF + EU AI Act Article 9-15 + Article 14 + Article 50 marking + per-vendor LLM zero-retention attestation + WORM audit-trail completeness) measured against the operator’s pre-engagement baseline. Reporting carries explicit caveats sit outside Completions control + attorney-client privilege preservation.
Who owns the enrichment stack, the CDP, the identity resolution vendors, the consent-provenance register, and the audit trail?
Operator owns every artifact. Lead enrichment + firmographic subscription (ZoomInfo + Clearbit + 6sense + Demandbase + LinkedIn Sales Navigator + Apollo.io + Lusha + Cognism + Datanyze + Diffbot — operator chooses) runs under operator billing. CDP (Segment + mParticle + Tealium + Treasure Data + ActionIQ + Lytics + Twilio Engage + Zeotap + BlueConic — operator chooses) runs under operator billing. Identity resolution (LiveRamp + Acxiom + Neustar + Experian + Equifax + TransUnion — operator chooses) runs under operator account. Behavioral data (Amplitude + Mixpanel + Heap + PostHog + Snowplow + RudderStack — operator chooses) runs under operator billing. CRM (Salesforce + HubSpot + Pipedrive + Microsoft Dynamics + Zoho + Close + Insightly + Copper + Keap + ActiveCampaign — operator chooses) runs under operator billing. LLM provider contracts run under operator account with operator-counsel-approved DPAs + zero-retention attestation. The operator-counsel-and-AI-governance-team-approved per-vendor scraping-posture register + per-vendor sub-processor attestation chain + per-vendor consent-provenance attestation register + FTC 2024 enforcement-wave posture + sensitive-data exclusion library + GDPR Article 28 processor + Article 35 DPIA + per-state-comprehensive-privacy posture + per-scoring-class Fair Housing + ECOA + Colorado AI Act + NYC LL144 + EEOC + ADA posture + NIST AI RMF + ISO 42001 + EU AI Act Article 9-15 + Article 13/14/50 + Article 50 marking + per-vendor LLM zero-retention attestation chain + DTSA register + CCPA + GDPR Article 22 + DSA + COPPA + AADC + cookie consent + per-platform data-use records all live in operator counsel + sales + marketing + CISO + AI-governance repo. The Enrich + Score + Verify + Attest skill code lives in operator code repo. The policy-as-code policies live in operator code repo, counsel-aligned. The WORM audit trail lives on operator-controlled cloud storage. Completions owns the orchestration knowledge and transfers it under the Tier 3 transition path (30-60 days at engagement end). Completions credentials revoke on engagement-end.
Engage Completions
Start with the AI Readiness Assessment (Tier 1, 2-3 weeks). Hand off to Tier 2 AI Swarm Setup Sprint (4-8 weeks). Continue under Tier 3 Fractional CMO with AI Swarm ( 6-month minimum, 1-2 days/wk embedded).
Related reading
- Done-for-you lead routing rules engine (the downstream routing that consumes per-lead BANT + firmographic scores)
- AI agent governance (the broader governance posture this behavioral-enrichment skill operates within)
- Fractional CMO with AI Swarm (Tier 3 engagement that operates the behavioral-enrichment cycle)