Prisme.ai is committed to protecting the privacy and security of your data. This page outlines our approach to data privacy, the measures we take to safeguard information, and the controls available to customers to manage their data effectively.

Our Data Privacy Principles

Data Ownership

Your data remains yours. Prisme.ai acts as a processor, not an owner of your information.

Transparency

Clear policies about what data is collected, how it’s used, and who can access it.

Security by Design

Privacy protection is built into our platform architecture, not added as an afterthought.

Compliance

Our practices align with major privacy regulations like GDPR, CCPA, and other regional standards.

How Prisme.ai Handles Your Data

Data Collection and Storage

Prisme.ai collects and processes different types of data to provide our services:
Information about users of the platform including:
  • Account information (names, email addresses, organization details)
  • Authentication credentials (securely stored and encrypted)
  • User preferences and settings
  • Activity logs for security and audit purposes

Data Processing

Prisme.ai processes your data in the following ways:
  1. Service Provision: To deliver our core platform functionality
  2. Performance Optimization: To improve response times and system reliability
  3. Security Monitoring: To protect against threats and unauthorized access
  4. Analytics: To provide insights about usage patterns and feature adoption
Data processing activities are governed by our Terms of Service and Data Processing Agreement (DPA) available to enterprise customers.

Data Segregation and Multi-Tenancy

Prisme.ai implements robust data segregation to ensure information from different customers remains separate and secure:
  • Logical Segregation: Data is partitioned at the database and application layers
  • Access Controls: Fine-grained permission systems prevent unauthorized cross-tenant access
  • Tenant Isolation: Processing resources are isolated to prevent performance impact between tenants
For enterprise deployments, dedicated infrastructure options are available for enhanced isolation.

Data Sovereignty and Residency

Prisme.ai offers options to maintain data within specific geographical regions to comply with local regulations:
1

Regional Deployments

Choose where your Prisme.ai instance is hosted based on your compliance requirements
2

Data Storage Controls

Configure where your data is stored and processed
3

Processing Boundaries

Set boundaries for where data processing can occur

AI and Machine Learning Privacy Considerations

When using AI and machine learning features in Prisme.ai, additional privacy considerations apply:
Prisme.ai’s approach to AI privacy focuses on keeping you in control of how your data is used with AI models. We provide transparency about when information is sent to external AI services and offer options for using local models when data must remain within your environment.

LLM Data Usage

Privacy Controls for Administrators

Prisme.ai provides administrators with robust controls to manage data privacy:

Organization-Level Controls

  • Data Retention Policies: Configure how long different types of data are retained
  • Privacy Settings: Set organization-wide defaults for privacy options
  • Access Control: Manage who can access different types of information

Project-Level Controls

  • Data Classification: Label projects with appropriate sensitivity levels
  • Sharing Restrictions: Control whether content can be shared externally
  • Audit Logging: Track all access and modifications to sensitive projects

User Controls

  • Permission Management: Define what actions users can perform with data
  • Usage Transparency: View how user data is being utilized within the platform
  • Data Subject Rights: Tools to help fulfill requests related to personal data

Data Minimization and Purpose Limitation

Prisme.ai follows data minimization principles, collecting only what’s necessary to provide our services:
  1. Collection Limitation: We only collect data needed for legitimate purposes
  2. Storage Minimization: Data is retained only as long as necessary
  3. Processing Restriction: Data is used only for its intended purpose

Privacy by Design Implementation

Our commitment to privacy by design means privacy considerations are integrated throughout our development process:
1

Requirements Analysis

Privacy requirements are identified at the earliest stages of product development
2

Design Phase

Privacy-enhancing technologies and architectures are incorporated into designs
3

Development

Privacy controls are implemented and tested during development
4

Testing

Privacy features undergo rigorous testing, including penetration testing
5

Deployment

Privacy settings are configured with secure defaults
6

Monitoring

Ongoing monitoring ensures privacy controls remain effective

Additional Resources

Privacy Policy

Our detailed privacy policy covering all aspects of data privacy

Data Processing Agreement

Our DPA for enterprise customers requiring GDPR compliance. Ask your Customer Success Manager.

Security Compliance

Information about our compliance certifications and standards

SSO Implementation

How to configure Single Sign-On for enhanced security

Contact Information

For specific inquiries about data privacy or to request more information:
  • Privacy & Data Protection Officer: dpo@prisme.ai
  • Support: For existing customers, please use your dedicated support channel