Client data is treated as strictly confidential and is only processed with the client's explicit consent or for legitimate purposes necessary for providing our services. We do not share personal data with third parties unless required by law or as specified in the client's data processing agreement. Clients have the right to access, correct, delete, or transfer their personal data at any time.
All personal data is encrypted using industry-standard encryption protocols. This ensures that data is secure against unauthorized access and tampering, in alignment with our commitment to protecting your privacy and securing your information.
Our infrastructure is designed to enforce strict data isolation between clients, ensuring that each client's data is processed independently. We employ data minimization techniques to collect and store only the necessary data required for service delivery, reducing the risk of cross-contamination or unauthorized access.
Clients retain full ownership of all generated identifiable content, including any client data or intellectual property. We do not commercialize, sell, or share identifiable client data. Clients have full control over their data, including the rights to access, correct, delete, or transfer their data, and to restrict or object to certain types of processing.
At Inspectr, we align with the security and privacy policies of the large language models (LLMs) we utilize as a baseline. This means that the privacy policy of these LLMs extends to Inspectr's services. Here's how we ensure privacy:
No, it is not necessary to use specific proprietary data to access our services. Our services can provide basic diagnostics and pricing estimates using publicly available information. However, for a more tailored experience, integrating certain types of proprietary data can enhance the accuracy of our outputs. This customization requires only minimal data, such as descriptions of issues or asset details. Importantly, in scenarios where customization is applied, identifiable data ownership remains entirely with the client, consistent with our privacy policies. This approach ensures our services can be adapted to specific needs while upholding data security and privacy standards.
Our general API is continuously updated and retrained using a wide array of sources, including publicly accessible information and publicly available maintenance and pricing data such as issue descriptions and diagnostics. This ensures that our models remain current and effective in providing accurate diagnostics and pricing estimates.
Our operations, including the models we use, are structured to respect the privacy rights of individuals under the GDPR and CCPA. We ensure that personal data is processed lawfully, fairly, and transparently. Clients can request a Data Processing Agreement (DPA) to outline the specifics of how their data is handled, including purposes of processing, data retention, and security measures. Our data processing activities are continuously monitored and audited to uphold these standards.
All of our utilized models have been evaluated by a third-party security auditor and are SOC 2 Type 2 compliant.
All of our utilized models undergo annual third-party penetration testing to identify and address security weaknesses before they can be exploited by malicious actors.