AI & Data Privacy

Data Ownership & Privacy

Confidentiality

Client data is treated as strictly confidential and is processed only with explicit consent or when necessary to deliver our services. We never share personal information with third parties unless required by law or covered by a Data Processing Agreement (DPA).

Encryption

All data is encrypted in transit (TLS 1.3) and at rest  (AES-256). Encryption keys are managed through secure key-management services with automatic rotation and strict access controls.

Generated Content Ownership

Clients retain full ownership of any identifiable content or intellectual property generated through Inspectr. We never commercialize or sell client data, and customers may request correction, deletion, or export of their information at any time.

How does Inspectr ensure privacy between customers’ data?

We enforce strict tenant isolation at every layer of our stack:

  • Row-level security (RLS) logically separates each customer’s data.
  • Role-based access control (RBAC) governs every request and is fully audited.
  • Proprietary AI agents apply prompt-level masking so no personally identifiable information (PII) leaves the platform.
  • Infrastructure is hosted on AWS in dedicated VPCs with annual third-party penetration testing.

Do I need to provide proprietary data to use Inspectr?

No. Inspectr can deliver baseline diagnostics using publicly available information. Supplying proprietary inputs (e.g. asset details, work-order history) simply improves accuracy. When proprietary data is provided, it remains fully owned by the client and is subject to the same security controls described above.

Model Updates & Retraining

Our general models are continually updated using publicly accessible datasets— including maintenance records and pricing benchmarks—to ensure accurate diagnostics and cost estimates. Proprietary data, when supplied, is never used to train our shared models.

Compliance & Accreditation

  • SOC 2 Type 2 Certified Models —all core models undergo annual audits.
  • GDPR & CCPA Aligned —data processing is lawful, fair, and transparent.
  • Annual Pen-Testing —conducted by independent security firms to identify and remediate vulnerabilities.

Questions?

Have additional questions or need detailed security documentation? Reach out to us: