Inkeep light logo
Chat with usSee it for my content
Overview

Privacy

How Inkeep protects your data.

Overview

We know that privacy and security are critical for many organizations. Inkeep is committed to protecting your organization’s and your users’ data and privacy.

Inkeep is SOC 2 Type II compliant. We use industry-standard security practices, reputable subprocessors with SOC 2 Type II compliance, and offer controls to help organizations meet their own data protection requirements. We follow security best practices, including regular external security reviews and penetration tests.

Note
Note

This article is provided solely for general informational purposes and does not create or constitute contractual obligations, rights, or warranties between you and Inkeep. Refer to your organization's Service Agreement, Data Processing Agreement (if applicable), and our Privacy Policy for details about Inkeep's policies and your relationship with Inkeep. For any questions, please contact privacy@inkeep.com.

Use of LLMs

To provide our search and chat services, we use foundational large language models (LLMs) and artificial intelligence (AI) services from the following providers:

Note
Note

Inkeep nor our providers will ever use your data to train AI or LLM models. See the links above for details of each provider's policies.

Categories of Individuals

We distinguish between:

  • Users: Your end users or customers who interact with the platform.
  • Customer Agents: Your employees or consultants authorized to access and manage the platform.

Categories of Collected Data

Knowledge Base Documents

Knowledge Base Documents are materials or data sources you provide to Inkeep for ingestion into the platform. They may include:

  • Technical documentation
  • Website content and blogs
  • Sources with end-user generated content (e.g., StackOverflow, GitHub, Discourse, Slack, Discord)
  • Support desk tickets and FAQs
  • Internal documents

These documents are considered Customer Data, which you control and can view or delete at any time. This data is used to power the AI Functions for your (and only your) organization.

Prompts and Responses

  • Prompts: The text or input provided by Users or Customer Agents to the AI functions (e.g. search and chat services). Prompts are a form of User Content, which is a subset of Customer Data.
  • Responses: The text or output generated by the platform’s AI functions in reply to a Prompt. Responses are referred to as Output.

We retain Prompts (User Content) and Responses (Output) for:

  1. Usage Analytics: Providing authorized Customer Agents with topical, sentiment, and other analytics.
  2. End User Functionality: Enabling features like thumbs-up/down feedback, “Share chat,” and conversation history.
  3. Abuse and Misuse Monitoring
  4. Service Improvements: Monitoring and improving the quality of our services, without using your data to train AI models.

Enterprise Customers can customize the below:

  • Retention period of Prompts
  • Enabling or disabling of Usage Analytics or End User Functionality

User Metadata

User Metadata may include identifying information such as IP addresses, browser session details, or other user-related identifiers you or your Users choose to provide. This data is considered a subset of Customer Data. You can configure what User Metadata is collected and whether it is associated with Prompts and Responses.

Note
Note

You can customize and opt out of the collection of User Metadata. See here for instructions on configuring Inkeep’s web widgets.

Usage Data

We collect Usage Data—such as technical logs, performance metrics, and other non-Customer Data related to platform usage—to help troubleshoot, measure, and improve the performance and availability of our services.

Advanced Controls

For enterprise customers with strict data protection requirements, we offer:

  • Zero-retention policies for any Prompts and Responses.
  • Use of data de-identification services (e.g., Google Cloud’s Sensitive Data Protection).
  • Control over which LLM providers are used.
  • Use of custom cloud infrastructure and vector database providers.
  • Role-based access control to limit who can view Prompts, Responses, or User Metadata.
  • Restricting User access of AI functions to authenticated users only.
  • A HIPAA Business Associate Agreement (BAA)

We will work with your legal and security teams to work with your requirements. We will review with them our service agreement, data processing agreement, security policies, and other relevant documents.

Contacting Us

If you have a data request or questions about our use of data and processing, please reach out to privacy@inkeep.com.

If you are aware of an information security incident, unauthorized access, policy violation, security weakness, or suspicious activity related to Inkeep, please send an email with any relevant details to incidents@inkeep.com.

Why Inkeep?Add AI Chat to your Docusaurus docs

On this page