This article provides details on the security measures in place for data that you provide to AnswerRocket that is processed using OpenAI’s GPT large language model. AnswerRocket’s Max solution is an AI assistant that leverages GPT technology to understand and respond to your natural language prompts. When using Max, the database remains in place, but user questions are sent to GPT via the OpenAI API. Also, any insights we find in the data—for example, highs, lows, trends, and forecasted items—are sent to GPT for summarization.
OpenAI has implemented multiple security measures to ensure the safety and privacy of your data:
- Encryption: All data transmitted between Max and the OpenAI API is encrypted using Transport Layer Security (TLS). This ensures that any data sent to and received from the API is protected against unauthorized access and tampering during transit.
- Data usage and retention policies: As of March 1, 2023, OpenAI will not use customer data submitted via the API to improve its models unless you explicitly opt-in to share your data. By default, your data is only used for processing your requests and is not utilized for training purposes. OpenAI retains API data for a maximum of 30 days, after which it is deleted (unless otherwise required by law).
- Limited data access: Only a small number of authorized OpenAI employees and specialized third-party contractors, who are bound by confidentiality and security obligations, can access the API data. This access is granted solely for the purpose of investigating and verifying suspected abuse or misuse.
- Security certifications: OpenAI is SOC 2 Type 1 compliant, meaning that it has been audited by an independent third party to ensure its security measures are in line with the 2017 Trust Services Criteria for Security.
It is important to note that while OpenAI has implemented robust security measures to protect your confidential information, no system can guarantee absolute security. However, AnswerRocket and OpenAI are both committed to maintaining a high level of security and will continue to update our respective policies and protocols to safeguard your data.
Updated