How do we protect your privacy using our ChatGPT products?

At AINIRO, we care about your privacy. The last couple of days, as we've been releasing features such as DuckDuckGo searches and live internet searches using our AI chatbots, a lot of people have started asking about privacy related concerns. I completely understand why, as we're used to features like this meaning all your data is being sold to some kind of third party - so in this article I'll go through how we protect your privacy and what using our AI chatbots means for your data.

What does OpenAI do with your data?

First off, let's talk about what OpenAI does with any data they're receiving from us - are they going to train ChatGPT on your questions? Since we're using the OpenAI API, they're not training ChatGPT on anything you ask our chatbot. None of the info we're sending to OpenAI is being used to train ChatGPT. Data is retained for up to 30 days to monitor for abuse, but as long as you're not somehow doing something illegal when using our chatbot, that info will be deleted within 30 days. While I can't image this scenario happening, if you do something illegal, we actually have no way to identify you even if we got a court order to do so. I wrote a blog about how OpenAI uses your data a while back, which you can read if you'd like to get into the specifics on this issue.

So how do we protect your data?

Next up is how we at AINIRO protect your data. A common concern has been if we send your personal information along with your prompt to DuckDuckGo and OpenAI. We do not. What actually happens when you're using our chatbot is that the prompt is sent to our backend. We extract everything between the double quotes ("query"), and send that to DuckDuckGo. We never log IP or any fingerprints that would allow us to identify you or your location. Whatever results we get from DuckDuckGo is then sent along with your prompt to OpenAI, at which point ChatGPT will use that information to word a response using this data.

So no, even if you're able to do live internet searches using our chatbot, we don't send any identifying information about you or your device anywhere. If you buy a professional and/or enterprise cloudlet you even get a private database, and a private Kubernetes POD. Yes, private even from us (unless you want our help with something - at which point we may need you to create a user for us in your cloudlet so we can access it). Even if we access your cloudlet to help you with something, we're not going to claim ownership of your data, and will only access the parts of the cloudlet necessary to fix whatever you need our help with. The data in your cloudlet is your own.

Of course, if you buy a solution from us, we'll get access to some of your personal info that we need to be able to process the payment. However, we are a Norwegian registered company. That means that we have to follow both Norwegian privacy laws and GDPR, famed for being the most restrictive privacy law that exists. Even if we wanted to, we couldn't sell your data to a third party without your explicit consent. Not that we would ever want to do that, privacy is actually something we truly care about, whether you do or not.

What about the lead gen feature?

We do also get some of your personal data if you tell us - for example by leaving your full name and address in the chatbot. We're not going to save anything else than email correspondences if you leave your email address in our chatbot. In which case, our system will automatically send us an email with your chat history and your email address. In a case like this, your email address (and the message containing your email address) is not sent to OpenAI at any point, the chatbot will actually leave a static reply and just send the chat history to our own email address! You can also activate the lead gen feature for your own AI chatbot using our system. And hey, do you want to keep your conversation with Frank private? Just open a new window in incognito, write a short message to Frank mentioning how we can help you and end the message with your email address.

In conclusion

At AINIRO, we really care about your privacy and how your data is used. While it might seem like some of this is completely random, it's not. We've taken extra steps to ensure privacy isn't a concern whenever we've released a new feature, and this is something we'll keep doing. Yeah sure, there's probably money to be made if we were willing to not be as careful, but that's not our business model. We care about our users, clients and parters, and we're not willing to become one of those companies. It might actually not be possible to find something "more private" than this, that will still allow you to leverage AI and GPT, unless you install a local open source GPT model on your own server. Our platform is Open Source if you want to take a look and verify what I'm saying.