The Privacy-by-Design model we offer facilitates compliance with both the EU General Data Protection Regulation (GDPR) and the UK GDPR.
- Data minimization: Only small text fragments or vector representations required for contextual retrieval are stored
- Purpose limitation: Derived data is only used to answer authorised user queries
- Accuracy: Synchronization with your document repository updates the information the agent uses to answer queries from users
- Right to be forgotten/ erasure: When a document is deleted from your repository in MS Sharepoint, Google Docs or similar, the associated derived representations are removed from the retrieval index
- Integrity and confidentiality: AES-256 encryption is implemented to protect data at rest and TLS 1.2+ to protect data in transit
The agent can be configured to redact or anonymise personal data before it is processed by the retrieval index or sent to a large language model like CGPT, Gemini or Claude.
In addition, filters can be configured to restrict retrieval to information relating to legal entities from CRM or ERP systems, thereby avoiding the processing of personal data.
.png){kind=icon}
