eesel Chat privacy FAQ
Privacy is at the heart of everything we do at eesel. Our extension is Fast Company’s top new apps of 2022 and has 12k monthly users in companies like Atlassian, Shopify and Intercom. A key reason for our success has been our privacy first approach.
We’re now kicking off GPT integrations with eesel. You’ll be able to ask any question and it will answer based on your company knowledge. Here’s a run through privacy related questions for this. You can always reach out at hi@eesel.app for any clarifications.
FAQ
What data does the app read and why?
You retain complete control over the information that our app has access to. The app operates on a strict need-to-know basis and accesses only the data that you specifically instruct it to.
Public Pages: Our app is designed to read public pages that you have explicitly designated for access. No other public page data is collected or retrieved unless you have specifically configured it.
User-Specified Pages: Our browser extension offers a unique feature to "teach" the app about any webpage in your browser. When you choose to "import" a browser tab, our app gathers the page title, content, and url of the tab. This operation requires explicit user initiation, and no other data from any other page is accessed or collected unless instructed.
When you pose a query to the app, the responses generated are solely based on the page data you have previously allowed it to access.
How is the data stored?
The app stores embeddings (mathematical representations) of the data you give access to securely on eesel servers. This is critical for the app to answer questions. Whenever you make a request, the app uses the embeddings to find related pages you have "taught" it, and only related snippets of these pages are shared with OpenAI as “context”, based on which the response to the question is generated.
OpenAI does not use data submitted to train or improve their models. Any data sent is retained for abuse and misuse monitoring purposes for a maximum of 30 days, after which it is deleted. You can read more here.
How long is the data retained?
Any data collected by the app is stored securely in our servers and is only accessible to authorized personnel. We will retain data for the duration of the subscription to our service and for a period of 30 days following termination of the subscription. After this period, all of your associated data will be permanently deleted from our servers.
What security measures have been implemented?
We've implemented many security best practices:
We’ve gone through the 7-layer OSI model and applied several best practices e.g. using TLS to encrypt all traffic, having 2FA on our AWS with strong passwords, only consuming tokens with POST requests
Client ID and secret, and bot tokens are handled very delicately. We don’t expose them in public or client-side code, or distribute them in email or native applications.
We don’t request any user tokens.
We only request necessary scopes and the “least privilege” token that’s possible for the app to function.
How can I request access, transfer, or deletion of my data?
You can request access, transfer or deletion of your associated data with eesel by emailing us at hi@eesel.app. We will delete all of your associated data within 30 days of receiving a request.
What subprocessors do you use?
Here is a full list of sub processors: eesel Subprocessor list. OpenAI is the key service we use to power the app.
Is this GDPR compliant?
Here's a run through of how we are GDPR compliant.