Socrates AI Data Privacy Guide
This guide provides an overview of Socrates' approach to security and privacy for paying users. In particular, we will be discussing how we manage your inputs, prompts, attachments and any other data or information you provide through our products and services, which we will refer to as your "User Data".
Privacy is an important differentiator for Socrates. Our products are architected from the ground up to provide you with the ability to control where your data lives, limit its use and calibrate its retention. This means that the way your User Data is managed may differ depending on the version of Socrates you decide to use, as described below.
| Question | Cloud Chats | Local Chats | Enterprise |
|---|---|---|---|
| Is User Data used to train models? Will it ever be? | No. Never. We do not use custom models. The models we use are well-known off-the-shelf or open-source AI tools like GPT4 and Llama. | ||
| Where is User Data stored? | On a Google Cloud server residing within the United States. | Locally on your computer. Except for license verification, the entire application works entirely offline. | On-premise, on your infrastructure, inside your custom deployed application or container. This version operates independently in an air gapped environment. |
| Is User Data ever provided to third-parties? | No, except for storing User Data on Google Cloud Platform and processing portions of User Data using Azure OpenAI. As stated by Microsoft, your prompts (inputs) and completions (outputs), your embeddings, and your training data:
If you are not comfortable providing User Data to Microsoft for any reason, we encourage you to use the Desktop Local Chat or Enterprise versions. | Never. | Never. |
| Is User Data ever used for any other purpose? | No, except if you ask us to debug an issue or if there is a general error or problem with the services. | No, unless you manually send us the data to review when you encounter an error. This also means that bugs can only be fixed when we release new versions. | No, unless you manually send us the data to review when you encounter an error. This also means that bugs can only be fixed when we release new versions. |
| How does Socrates keep User Data secure? | We have best-in-class security controls and are working through a number of security certifications and standards such as SOC2 and NIST 800-171. We expect these to be complete in early 2025. You are responsible for ensuring the security of user credentials. All data is encrypted both in rest and at transit. | This will depend on the security model of your computer as User Data sits entirely on your local computer. Socrates has no access to it. | This will depend on the security model of your computer as User Data sits entirely on your local computer. Socrates has no access to it. |
| How long is User Data retained | Within the settings, you have the option to delete User Data. If you delete your account, User Data is deleted automatically within three (3) months unless you reactivate your account. | Within the settings, you have the option to delete User Data in the Desktop app. Unless you use that feature, User Data will remain on your local computer indefinitely. | Within the Socrates control panel, you have the option to delete the User Data for various users. Unless you use that feature, User Data will remain on your instance indefinitely. |
