> ## Documentation Index
> Fetch the complete documentation index at: https://docs.prisme.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Data Privacy

> Understanding data privacy in Prisme.ai and how your information is protected

Prisme.ai is committed to protecting the privacy and security of your data. This page outlines our approach to data privacy, the measures we take to safeguard information, and the controls available to customers to manage their data effectively.

## Our Data Privacy Principles

<CardGroup cols={2}>
  <Card title="Data Ownership" icon="user-shield">
    Your data remains yours. Prisme.ai acts as a processor, not an owner of your information.
  </Card>

  <Card title="Transparency" icon="eye">
    Clear policies about what data is collected, how it's used, and who can access it.
  </Card>

  <Card title="Security by Design" icon="lock">
    Privacy protection is built into our platform architecture, not added as an afterthought.
  </Card>

  <Card title="Compliance" icon="check-square">
    Our practices align with major privacy regulations like GDPR, CCPA, and other regional standards.
  </Card>
</CardGroup>

## How Prisme.ai Handles Your Data

### Data Collection and Storage

Prisme.ai collects and processes different types of data to provide our services:

<Tabs>
  <Tab title="User Data">
    Information about users of the platform including:

    * Account information (names, email addresses, organization details)
    * Authentication credentials (securely stored and encrypted)
    * User preferences and settings
    * Activity logs for security and audit purposes
  </Tab>

  <Tab title="Content Data">
    Information you create or upload to the platform including:

    * Documents and files uploaded to knowledge bases
    * Chat histories and interactions with AI agents
    * Workspace and project configurations
    * Custom prompts and AI settings
  </Tab>

  <Tab title="System Data">
    Technical information required for operations:

    * Performance metrics and usage statistics
    * Error logs and diagnostic information
    * Infrastructure and security monitoring data
  </Tab>
</Tabs>

### Data Processing

Prisme.ai processes your data in the following ways:

1. **Service Provision**: To deliver our core platform functionality
2. **Performance Optimization**: To improve response times and system reliability
3. **Security Monitoring**: To protect against threats and unauthorized access
4. **Analytics**: To provide insights about usage patterns and feature adoption

Data processing activities are governed by our Terms of Service and Data Processing Agreement (DPA) available to enterprise customers.

## Data Segregation and Multi-Tenancy

Prisme.ai implements robust data segregation to ensure information from different customers remains separate and secure:

* **Logical Segregation**: Data is partitioned at the database and application layers
* **Access Controls**: Fine-grained permission systems prevent unauthorized cross-tenant access
* **Tenant Isolation**: Processing resources are isolated to prevent performance impact between tenants

For enterprise deployments, dedicated infrastructure options are available for enhanced isolation.

## Data Sovereignty and Residency

Prisme.ai offers options to maintain data within specific geographical regions to comply with local regulations:

<Steps>
  <Step title="Regional Deployments">
    Choose where your Prisme.ai instance is hosted based on your compliance requirements
  </Step>

  <Step title="Data Storage Controls">
    Configure where your data is stored and processed
  </Step>

  <Step title="Processing Boundaries">
    Set boundaries for where data processing can occur
  </Step>
</Steps>

## AI and Machine Learning Privacy Considerations

When using AI and machine learning features in Prisme.ai, additional privacy considerations apply:

<Note>
  Prisme.ai's approach to AI privacy focuses on keeping you in control of how your data is used with AI models. We provide transparency about when information is sent to external AI services and offer options for using local models when data must remain within your environment.
</Note>

### LLM Data Usage

<AccordionGroup>
  <Accordion title="How LLMs Use Your Data">
    When you use large language models (LLMs) within Prisme.ai, your data may be processed by these models to generate responses. This might include:

    * Queries you enter in chat interfaces
    * Documents processed by the RAG system
    * Contextual information provided to the AI

    The extent of data sharing depends on whether you're using Prisme.ai's built-in models, your own deployed models, or third-party AI services.
  </Accordion>

  <Accordion title="External AI Service Privacy">
    When using external AI services (such as OpenAI's GPT models, Azure OpenAI, Anthropic's Claude, etc.):

    * Data is transmitted to these services for processing
    * Each service has its own privacy policies regarding data retention and usage
    * Prisme.ai configures these integrations with privacy-preserving defaults

    Enterprise customers can configure which external services are permitted and which are restricted based on their compliance requirements.
  </Accordion>

  <Accordion title="On-Premises AI Options">
    For organizations with stricter data privacy requirements, Prisme.ai offers:

    * Support for locally deployed open-source LLMs
    * Integration with private AI deployments
    * Hybrid approaches that use local models for sensitive data

    These options ensure that data never leaves your environment while still leveraging AI capabilities.
  </Accordion>
</AccordionGroup>

## Privacy Controls for Administrators

Prisme.ai provides administrators with robust controls to manage data privacy:

### Organization-Level Controls

* **Data Retention Policies**: Configure how long different types of data are retained
* **Privacy Settings**: Set organization-wide defaults for privacy options
* **Access Control**: Manage who can access different types of information

### Project-Level Controls

* **Data Classification**: Label projects with appropriate sensitivity levels
* **Sharing Restrictions**: Control whether content can be shared externally
* **Audit Logging**: Track all access and modifications to sensitive projects

### User Controls

* **Permission Management**: Define what actions users can perform with data
* **Usage Transparency**: View how user data is being utilized within the platform
* **Data Subject Rights**: Tools to help fulfill requests related to personal data

## Data Minimization and Purpose Limitation

Prisme.ai follows data minimization principles, collecting only what's necessary to provide our services:

1. **Collection Limitation**: We only collect data needed for legitimate purposes
2. **Storage Minimization**: Data is retained only as long as necessary
3. **Processing Restriction**: Data is used only for its intended purpose

## Privacy by Design Implementation

Our commitment to privacy by design means privacy considerations are integrated throughout our development process:

<Steps>
  <Step title="Requirements Analysis">
    Privacy requirements are identified at the earliest stages of product development
  </Step>

  <Step title="Design Phase">
    Privacy-enhancing technologies and architectures are incorporated into designs
  </Step>

  <Step title="Development">
    Privacy controls are implemented and tested during development
  </Step>

  <Step title="Testing">
    Privacy features undergo rigorous testing, including penetration testing
  </Step>

  <Step title="Deployment">
    Privacy settings are configured with secure defaults
  </Step>

  <Step title="Monitoring">
    Ongoing monitoring ensures privacy controls remain effective
  </Step>
</Steps>

## Additional Resources

<CardGroup cols={2}>
  <Card title="Privacy Policy" icon="shield-alt" href="https://www.prisme.ai/en/politique-de-confidentialite">
    Our detailed privacy policy covering all aspects of data privacy
  </Card>

  <Card title="Data Processing Agreement" icon="file-contract">
    Our DPA for enterprise customers requiring GDPR compliance. Ask your Customer Success Manager.
  </Card>

  <Card title="Security Compliance" icon="check-double" href="/resources/security/compliance">
    Information about our compliance certifications and standards
  </Card>

  <Card title="SSO Implementation" icon="key" href="/resources/security/sso">
    How to configure Single Sign-On for enhanced security
  </Card>
</CardGroup>

## Contact Information

For specific inquiries about data privacy or to request more information:

* **Privacy & Data Protection Officer**: [dpo@prisme.ai](mailto:dpo@prisme.ai)
* **Support**: For existing customers, please use your dedicated support channel
