Claudia
Security Suite
Here, you'll find an overview of the security measures we’ve implemented to protect and ensure compliance with our customers' data. For any additional requests, please contact us at legal@cloudhumans.com.
Trusted by
Models
Advanced Language Models
ClaudIA utilizes a combination of GPT-4 and GPT-4 Turbo models as one of the primary layers for customer service resolution. These models are designed to understand and generate human-quality text, tailored to the specific content and integrations of each company.
Usage
Intelligence for Customer Support
ClaudIA is an AI-based customer service agent that interacts like a human to address the most common customer inquiries. Our AI agent retrieves relevant information from a content base customized by each company to provide accurate responses. Additionally, the intelligence can be connected to any database or system via API, enabling customized information viewing and editing.
Research Publicly Available Support Policies of Companies
Research Custom Support Policies Privately Customized by Each Company
Optional: Consults and Edits Information in Databases Customized by Each Company
Training
We only collect user data that is provided by the users themselves through our AI agent or information provided by the company to identify workflows. Common examples of questions and data transmitted include:
Questions about products and features
Inquiries and questions about pricing
Commercial inquiries4o
Contacts: Email and Phone Number4o
Sensitive or Protected Data (health information, political opinions, etc.)4o
Protected Characteristics (race, gender, etc.)
Biometric Data
Inference
During inference, Cloud Humans uses the following data to generate recommendations and insights while ensuring privacy and compliance:4o
User Search Queries
Profile Data (without personally identifiable information - PII)
Input Commands to Generate Personalized Messages
Personally Identifiable Information (PII)
Sensitive Personal Data
AI Data Governance
Data Source for AI Models
Compliance with Data Sharing for LLM-Based Models
Customer Data Exclusion from Model Training4o
AI Model Testing & Monitoring
Assurance of model effectiveness and validity
Continuous model performance monitoring
Event logs collection for models
Enhancement of models' explainability
AI Cybersecurity
Implementation of Safeguards Against Malicious Prompts
Protection Against Training Data Poisoning
Implementation of Exclusive Access Control and Authentication
Supervision of AI System Operations
Third-Party AI Tools and Audits
Ensuring Model Effectiveness and Validity
Continuous Monitoring of Model Performance
Event Log Collection for Models
Data Storage
AWS and Azure
The cloud storage services we use are primarily hosted on Amazon Web Services (AWS) servers, and all our models are hosted on Azure.
Availability and Backups
Multi-Region Defensibility
The cloud storage services we use are primarily hosted on Amazon Web Services (AWS) servers, distributed across multiple geographic regions to ensure redundancy, scalability, and compliance with relevant data protection laws. Below are the storage regions and the associated characteristics of each:
Amazon Web Services (AWS) Storage Regions:
US East (Northern Virginia - us-east-1):
This is one of the most popular regions, offering the widest range of services, excellent response times, and a robust infrastructure.4o
Oeste dos EUA (Oregon - us-west-2):
This region is selected for its strategic location on the US West Coast, providing geographic diversification and business continuity through redundancy with other regions.
This is one of the most popular regions, offering the widest range of services, excellent response times, and a robust infrastructure.4o
Oeste dos EUA (Oregon - us-west-2):
This region is selected for its strategic location on the US West Coast, providing geographic diversification and business continuity through redundancy with other regions.
Daily Backups
99.8% Redundancy
Access
All sensitive resources have restricted access and can only be accessed through VPN and multi-factor authentication (MFA).
VPN
MFA (Multi-Factor Authentication).
Periodic Password Expiration Policy
Encryption
All sensitive data is protected through various measures, including secure communication protocols (SSL) and database encryption. AES-128 encryption is used for data in use (hot data), while AES-256 encryption is applied to data at rest (cold data, such as backups) at the disk level.
Encryption
Key Internal Policies
Information Security Policy
Publicly Available Privacy Policy
Data Protection Policy
Data Breach Notification Policy
Internal Incident Handling Policy
Data Transfer Policy
Ethics and Conduct Code
Mandatory Contract Due Diligence Process for Supplier Hiring
Business Continuity Plan
Risk Management Policy
Business Continuity Plan
Employee Awareness Program (with periodic occurrence)
Name
Description
Compliance
Localização
Identity, Email, and Collaboration
SOC2
ISO-27001
GDPR
HIPAA
US
Cloud Infrastructure
SOC2
ISO-27001
GDPR
PCI-DSS
HIPAA
US
Internal Communication
SOC2
ISO-27001
GDPR
PCI-DSS
HIPAA
US
Payment Processing
SOC2
GDPR
US
AI Model Hosting
SOC2
GDPR
US
Internal Documentation
SOC2
GDPR
ISO-27001
HIPAA
US
Videoconferencing4o mini
SOC2
ISO-27001
GDPR
US
Source code hosting
SOC2
ISO-27001
GDPR
US
Access Management
SOC2
ISO-27001
GDPR
US
Business Intelligence
SOC2
ISO-27001
GDPR
US
Artificial Intelligence Data Governance
Cutting-Edge Language Models
ClaudIA uses a combination of GPT-4 and GPT-4 Turbo models as one of the primary layers for customer service resolution. These models are designed to understand and generate human-like text, tailored and restricted to the specific content and integrations of each company.
Compliance with Data Sharing for LLM Foundation Models4o mini
We use OpenAI models as our primary LLM provider, without sharing private or client-specific data. We require these providers to use client information solely to facilitate the use of the Cloud Humans tool and do not permit them to train their AI models with this information. Additionally, we mandate that these providers delete any personal data within 30 days, unless otherwise required by law.4o mini
Exclusion of Client Data from Model Training4o mini
We do not use client data to train our AI model. Additionally, we require our third-party AI providers to use the information solely to facilitate the use of the Cloud Humans tool, without allowing them to train their AI models with personal information.
Data Hosting Location and Computing Resources
Data hosted by our LLM base model providers is stored by Azure in the USA, while data hosted by our cloud providers (AWS) is maintained in the USA (multi-region).
Application of Data Retention Policy
We will retain data as long as the company needs it for operational purposes or to meet regulatory or contractual requirements. Once the data is no longer necessary, it will be securely deleted or archived. Data stewards, in consultation with legal advisors, can determine the retention periods for their data.