Data Security Policy

Your Data is Safe with Us

Our commitment to data security and privacy.

ChatGPT has become synonymous with Artificial Intelligence, with even those previously unfamiliar with AI now gaining knowledge about it. Its popularity has soared, leading businesses and individuals to seek AI bots similar to ChatGPT but tailored to their own data. At GreyAI, our aim is to simplify and streamline this process, eliminating the need to delve into the complex technicalities of AI while staying up-to-date with the latest innovations.

One significant concern among individuals and businesses using AI for their custom use-cases is the integrity and security of their data. Building language models like GPT necessitates the use of extensive training datasets, which may raise valid concerns about data privacy. At GreyAI, we understand and respect these concerns, and we prioritize the protection of your data and privacy.

To understand how GreyAI ensures the security of your data throughout the process, let’s break down the journey into three sections: DocumentsEmbeddings, and Model.

Documents

GreyAI utilizes the secure and private Amazon Simple Storage Service (S3) to store your documents in the initial stage before further processing. S3 ensures encryption of all object uploads to all buckets, maintaining compliance with various programs like PCI-DSSHIPAA/HITECHFedRAMPEU Data Protection Directive, and FISMA. This ensures that your data remains protected and compliant with regulatory requirements. Documents uploaded to GreyAI follow the SSE-S3 (Server-Side Encryption) protocol, allowing exclusive access to you and your team members, ensuring data confidentiality and privacy.

Embeddings

Embeddings are essentially a representation of your data in the form of vectors (lists of numbers). Since the data provided to GreyAI is unstructured, converting it into embeddings allows for faster retrievals and semantic search.

For storing these vectors or embeddings, GreyAI relies on Pinecone, a secure vector database trusted by some of the largest enterprises.

Pinecone offers robust security features like:

  1. SOC2 Type II certification

  2. GDPR-compliance

  3. Routine Penetration Tests to check for vulnerabilities.

  4. Isolated Kubernetes containers on fully managed and secure AWS infrastructure for storing data.

Model

GreyAI leverages OpenAI’s GPT models, including GPT-3.5, GPT-3.5 16K, and GPT-4, to generate responses. Due to resource limitations, these models are not hosted on GreyAI’s native servers. Instead they utilise the APIs provided by OpenAI (also used for creating embeddings for your documents and queries). When generating responses, only the specific portion of data relevant to the question asked is sent in the request, rather than transmitting all the documents. This approach ensures efficient processing, data integrity and minimizes unnecessary data transfers. An additional security mechanism provided by the API is that your data will not be used to train any existing or new language model. This ensures that your data remains restricted to your bot and is not utilized for model training purposes.

Starting on March 1, 2023, we are making two changes to our data usage and retention policies:
1. OpenAI will not use data submitted by customers via our API to train or improve our models, unless you explicitly decide to share your data with us for this purpose. You can opt-in to share data.
2. Any data sent through the API will be retained for abuse and misuse monitoring purposes for a maximum of 30 days, after which it will be deleted (unless otherwise required by law).

Source: OpenAI

This commitment provides an additional layer of confidentiality and ensures the privacy and security of your data. To know more, you can read this article.

Conclusion

When considering all three factors together, GreyAI demonstrates a well-constructed approach to data security and compliance, ensuring the 99% security of your data. In an era where data privacy is of utmost importance, we strive to go above and beyond to ensure the complete security of your data.

If you have any feedback or questions regarding GreyAI and its data security, please don’t hesitate to reach out to us.