Severity classification

How Thorgate decides whether a change is major, moderate, or minor — and how to override it when you disagree.

Every detected change is classified as major, moderate, or minor. The classification drives how the change appears in your digest and feed, and it can be overridden if you disagree.

How classification works

When a change is detected, Thorgate sends the diff (the actual added and removed text) to Anthropic's Claude with a deterministic prompt. The same input produces the same output — there's no randomness in the classifier.

The prompt is structured to apply specific rules:

Major — at least one of:

  • A new subprocessor or processor added.
  • A retention period changed.
  • A jurisdiction added (storage, processing, or access location).
  • Breach notification terms changed.
  • A new use of customer data disclosed (AI training, advertising, sale, sharing).
  • Security commitments materially weakened.
  • A change to encryption commitments.
  • A change to access controls commitments.

Moderate — at least one of:

  • A non-trivial clarification of an existing practice.
  • A scope change that doesn't reach "major."
  • A change in language about data subject rights pathways.
  • Updates to legal entity structure or contact details.

Minor — none of the above. Typically:

  • Typo or grammar fixes.
  • Reformatting without semantic change.
  • Updated dates without other changes.
  • Broken-link fixes.
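The rule ladder above can be read as a precedence order: any major rule firing makes the change major, otherwise any moderate rule makes it moderate, otherwise it is minor. The following is an added example, not Thorgate's classifier (which sends the diff to Claude with a fixed prompt): it is a deterministic keyword stand-in for the same ladder, so the precedence and the "reads only the diff" behaviour can be exercised locally. The rule names, regex patterns, `Diff` structure and sample diffs are constructed for illustration, and the rule about "security commitments materially weakened" is deliberately left out because it has no keyword signature.

```python
"""Deterministic stand-in for the severity rule ladder (illustration only).

Thorgate's real classifier is an LLM prompt; this added example approximates
the same ladder with keyword patterns so that precedence (any major rule wins,
then moderate, else minor) and determinism can be inspected and tested.
Patterns, rule names and sample diffs are constructed, not taken from the
product.
"""
import re
from dataclasses import dataclass, field


@dataclass
class Diff:
    """What the classifier actually sees: added and removed lines only."""
    added: list = field(default_factory=list)
    removed: list = field(default_factory=list)


# (rule name, scope, pattern). scope "added" means the rule fires only on new
# text (a *new* subprocessor), "both" means either side of the diff (a
# retention period that *changed*).
MAJOR_RULES = [
    ("new subprocessor or processor", "added", r"\bsub-?processors?\b"),
    ("retention period changed", "both", r"\bretention\b|\bretain(ed|s)?\b"),
    ("jurisdiction added", "added",
     r"\b(stored|processed|accessed)\s+in\b|\bjurisdiction\b"),
    ("breach notification terms changed", "both", r"\bbreach\b"),
    ("new use of customer data", "added",
     r"\b(advertis\w*|sell|sale|ai training|model training)\b"),
    ("encryption commitment changed", "both", r"\bencrypt\w*\b"),
    ("access control commitment changed", "both", r"\baccess controls?\b"),
    # "security commitments materially weakened" is omitted: it needs
    # judgement rather than a keyword, which is why the real classifier is
    # a prompt and not a regex list.
]
MODERATE_RULES = [
    ("data subject rights pathway", "both",
     r"\bdata subject\b|\bright to (access|erasure|deletion|portability)\b"),
    ("legal entity or contact details", "both",
     r"\b(ltd|inc|llc|gmbh)\b|\bcontact\b|@"),
]


def _fires(rule, diff):
    """True if the rule's pattern matches any line within its scope."""
    _, scope, pattern = rule
    lines = diff.added if scope == "added" else diff.added + diff.removed
    return any(re.search(pattern, line, re.I) for line in lines)


def classify(diff):
    """Return (severity, sorted rule names). Same input -> same output."""
    major = sorted(r[0] for r in MAJOR_RULES if _fires(r, diff))
    if major:
        return "major", major          # at least one major rule is enough
    moderate = sorted(r[0] for r in MODERATE_RULES if _fires(r, diff))
    if moderate:
        return "moderate", moderate
    return "minor", []                 # none of the above


if __name__ == "__main__":
    # Constructed sample diffs, including one that shows the "too aggressive"
    # failure mode: a clarification that merely mentions a subprocessor.
    samples = {
        "new subprocessor": Diff(added=["We use Acme Cloud as a subprocessor for hosting."]),
        "retention change": Diff(added=["Logs are retained for 90 days."],
                                 removed=["Logs are retained for 30 days."]),
        "contact change": Diff(added=["Contact us at privacy@example.com."],
                               removed=["Contact us at legal@example.com."]),
        "date bump": Diff(added=["Last updated: 2024-05-01"],
                          removed=["Last updated: 2024-01-01"]),
        "clarification": Diff(added=["Clarified that our existing subprocessor list is unchanged."]),
    }
    for label, d in samples.items():
        print(f"{label:18} -> {classify(d)}")
```

The last sample is the point of the "why the classifier sometimes gets it wrong" section: the diff alone says "subprocessor", so the ladder returns major even though nothing material changed, and only a reviewer with context can downgrade it.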

Why the classifier sometimes gets it wrong

The classifier reads the diff in isolation. It doesn't know:

  • Your specific risk tolerance for this vendor.
  • Your existing transfer mechanisms and TIA.
  • Whether a "new" subprocessor is actually one you've already accepted.
  • The history of your relationship with the vendor.

This means the classifier can be too aggressive (flagging a clarification as major because it mentions a subprocessor) or too lenient (flagging a structural change as moderate because the visible diff is small). It's calibrated to err slightly toward major over minor — false negatives matter more in this domain than false positives.

Overriding a classification

On any change event, you can manually adjust the severity. The reviewer name and timestamp are recorded in the audit trail; the original classification is preserved for reference.

Use overrides when:

  • The classifier missed context that makes the change less material than it appears.
  • The classifier missed context that makes the change more material than it appears.
  • A change was incorrectly attributed to a vendor (rare but possible if a hosted page is shared across vendors).

Why this matters for audit evidence

The audit-evidence export records the final severity (after any overrides), the reviewer, and the date of review. A change marked "minor, reviewed by [name] on [date]" is acceptable evidence; a change with no review at all is not.

The export does not record the classifier's original output if overridden — the audit story is "we evaluated this and decided X." If you need to preserve the original AI output for internal review, the change detail page shows it alongside the override.
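The override and audit-evidence behaviour described in the two sections above can be modelled as a small record type. This is an added example, not Thorgate's code: it keeps the original classifier output untouched, appends each review with reviewer and timestamp, produces an export row that carries only the final severity and the review (and nothing for an unreviewed change), and a detail view that shows the original alongside the override. The class, method and field names are constructed for illustration.

```python
"""Override and audit-evidence record for one change event (illustration).

Added example, not Thorgate's code. Models the text above: the classifier's
output is never mutated, each review records reviewer and timestamp, the
evidence export carries final severity and review only, and the detail view
shows original and override side by side. Names are constructed.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import datetime, timezone

SEVERITIES = ("major", "moderate", "minor")


@dataclass(frozen=True)
class Review:
    severity: str          # severity the reviewer settled on (may equal the original)
    reviewer: str
    reviewed_at: datetime
    reason: str


@dataclass
class ChangeEvent:
    vendor: str
    classified_severity: str            # original classifier output, never mutated
    reviews: list[Review] = field(default_factory=list)

    @property
    def final_severity(self) -> str:
        """Latest reviewed severity, or the classifier's if nobody reviewed it."""
        return self.reviews[-1].severity if self.reviews else self.classified_severity

    def review(self, reviewer, severity=None, reason="", when=None):
        """Record a review. A different severity is an override; None confirms
        the current one. Either way the reviewer and timestamp are kept."""
        severity = severity or self.final_severity
        if severity not in SEVERITIES:
            raise ValueError(f"unknown severity {severity!r}")
        when = when or datetime.now(timezone.utc)
        self.reviews.append(Review(severity, reviewer, when, reason))
        return self.final_severity

    def audit_evidence(self) -> dict | None:
        """Row for the audit-evidence export. An unreviewed change yields None
        because it is not acceptable evidence; the original classification is
        deliberately absent from the export."""
        if not self.reviews:
            return None
        last = self.reviews[-1]
        return {
            "vendor": self.vendor,
            "severity": self.final_severity,
            "reviewer": last.reviewer,
            "reviewed_at": last.reviewed_at.isoformat(),
        }

    def detail_view(self) -> dict:
        """What the change detail page shows: original output next to overrides."""
        return {
            "classified_severity": self.classified_severity,
            "final_severity": self.final_severity,
            "overridden": self.final_severity != self.classified_severity,
            "reviews": [(r.reviewer, r.severity, r.reason) for r in self.reviews],
        }


if __name__ == "__main__":
    ev = ChangeEvent("Example Vendor", "major")     # constructed sample event
    print(ev.audit_evidence())                        # None: not yet reviewed
    ev.review("alice", "minor", "subprocessor already on our approved list")
    print(ev.audit_evidence())                        # final severity + reviewer
    print(ev.detail_view())                           # original kept alongside
```

Keeping `reviews` as an append-only list rather than a mutable `severity` field is what makes the audit story hold up: the export shows "we evaluated this and decided X", while the detail view can still show what the classifier originally said.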

Limits to keep in mind

The classifier is calibrated for English-language text. It performs less well on:

  • Documents in languages other than English (we're working on multilingual support).
  • Heavily tabular content where the diff loses table structure.
  • Documents that mix policy text with marketing material.

If you see consistently odd classifications on a particular vendor, contact support@thorgate.com — sometimes the issue is upstream (the document parser is misbehaving) rather than the classifier itself.
