Data Privacy

Twig AI's commitment to protecting your data and ensuring privacy compliance

Privacy Principles

  1. Data Ownership: You own your data completely
  2. No Training: Your data never trains our models
  3. Encryption: Data encrypted at rest and in transit
  4. Isolation: Complete organization data isolation
  5. Transparency: Clear data usage policies

Data Collection

What We Collect

User Data:

  • Email address (required)
  • Name (optional)
  • Organization affiliation
  • Usage patterns (anonymized)

Content Data:

  • Documents you upload
  • Data source connections
  • Knowledge base articles
  • Conversation history
  • Agent configurations

Technical Data:

  • API request logs
  • Performance metrics
  • Error logs
  • System diagnostics

What We DON'T Collect

  • ❌ Payment card details (handled by Stripe)
  • ❌ Passwords (only hashed versions)
  • ❌ Unnecessary personal information
  • ❌ Data from other organizations

Data Storage

Storage Locations

Primary Region: US-East (AWS)

Available Regions (Enterprise):

  • US-West
  • EU (Frankfurt)
  • Asia-Pacific (Singapore)
  • Custom regions on request

Encryption

At Rest:

  • AES-256 encryption
  • Encrypted database fields
  • Encrypted file storage (S3)
  • Key management via AWS KMS

In Transit:

  • TLS 1.3
  • HTTPS only
  • Perfect forward secrecy
  • Strong cipher suites

Data Access

Who Can Access Your Data?

Within Your Organization:

  • Users with appropriate permissions
  • Based on role and group membership
  • Audit-logged access

Twig AI:

  • Support team (with your permission only)
  • For troubleshooting specific issues
  • Fully audit-logged
  • Never for training or other purposes

Third Parties:

  • ❌ Never shared
  • ❌ Never sold
  • ❌ Never used for advertising
  • ⚠️ LLM providers process queries (see below)

LLM Provider Processing

When you use Twig AI:

  • Queries sent to LLM providers (OpenAI, etc.)
  • Zero-retention policy enforced
  • Data not used for training
  • Enterprise agreements in place

Control:

{
  "privacy": {
    "useOnlyPrivateModels": true,  // Enterprise: Use dedicated models
    "dataResidency": "EU",          // Control where processed
    "zeroRetention": true           // Enforce zero-retention
  }
}

Privacy Controls

Private Data Mode

Restrict agents to organization-only data:

{
  "configAIUseOnlyPrivateData": true
}

Effect:

  • No external knowledge used
  • Only your uploaded/connected data
  • Highest privacy
  • More controlled responses

Data Classification

Tag data by sensitivity:

{
  "dataSource": {
    "classification": "CONFIDENTIAL",
    "accessControl": {
      "allowedRoles": ["admin", "manager"],
      "allowedGroups": ["legal", "finance"],
      "requireMFA": true
    }
  }
}

PII Detection

Automatically detect and handle PII:

{
  "piiDetection": {
    "enabled": true,
    "types": ["email", "phone", "ssn", "credit_card"],
    "action": "REDACT",  // REDACT, MASK, or BLOCK
    "alert": true
  }
}

Example:

Input: "My email is john@example.com"
Stored: "My email is [EMAIL_REDACTED]"
Logged: PII detected and redacted
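
The REDACT behaviour shown above, as an added Python example (not Twig AI's own implementation). The regex patterns, the `[TYPE_REDACTED]` placeholder for types other than email, and the MASK (keep last four characters) and BLOCK (reject the whole input) semantics are assumptions; the page only names those actions.

```python
import re

# Detectors keyed by the "types" values in the piiDetection config above.
# The patterns are assumptions for this example (US-style phone/SSN formats).
PATTERNS = {
    "email": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "credit_card": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
    "phone": re.compile(
        r"(?<!\d)(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]?\d{3}[ .-]?\d{4}(?!\d)"),
}

def luhn_ok(number):
    """Luhn checksum: filters out long digit runs that are not card numbers."""
    digits = [int(c) for c in number if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:                      # double every second digit
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def apply_pii_policy(text, config):
    """Return (stored_text, detected_types); stored_text is None if blocked."""
    if not config.get("enabled"):
        return text, []
    action, found = config["action"], []

    def replacer(kind):
        def repl(match):
            value = match.group(0)
            if kind == "credit_card" and not luhn_ok(value):
                return value                # leave order numbers etc. intact
            found.append(kind)
            if action == "MASK":            # assumed: keep last 4 characters
                return "*" * (len(value) - 4) + value[-4:]
            return f"[{kind.upper()}_REDACTED]"
        return repl

    # Detectors run in a fixed order; placeholders hold no digits to re-match.
    for kind in ("email", "ssn", "credit_card", "phone"):
        if kind in config["types"]:
            text = PATTERNS[kind].sub(replacer(kind), text)
    if action == "BLOCK" and found:         # assumed: reject the whole input
        return None, found
    return text, found

# Config values copied from the page; the input string is the page's example.
CONFIG = {"enabled": True, "action": "REDACT", "alert": True,
          "types": ["email", "phone", "ssn", "credit_card"]}
print(apply_pii_policy("My email is john@example.com", CONFIG))
```

The Luhn check matters in practice: without it, any 13 to 19 digit identifier (order numbers, tracking IDs) would be redacted as a card number.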

Data Retention

Default Retention

| Data Type     | Retention Period     |
|---------------|----------------------|
| Interactions  | 90 days              |
| Analytics     | 2 years (aggregated) |
| Audit Logs    | 1 year               |
| Documents     | Until deleted        |
| User Accounts | Until deleted        |

Custom Retention (Enterprise)

{
  "retention": {
    "interactions": 30,      // 30 days
    "auditLogs": 2555,       // 7 years (compliance)
    "analytics": 730,        // 2 years
    "autoDelete": true
  }
}

User Rights

Right to Access

Users can request all data we hold:

  1. Settings → Privacy → Request Data Export
  2. Receive email within 30 days
  3. Download complete data archive

Includes:

  • Profile information
  • Interaction history
  • Analytics data
  • Audit logs

Right to Deletion

Users can request data deletion:

  1. Settings → Privacy → Delete My Data
  2. Confirm deletion
  3. Processed within 30 days

Effect:

  • User account deleted
  • Personal data removed
  • Interactions anonymized
  • Analytics aggregated (no personal link)

Right to Portability

Export your data in standard formats:

  • JSON (machine-readable)
  • CSV (spreadsheet)
  • PDF (human-readable)

Compliance

GDPR (EU)

  • ✅ Data processing agreements
  • ✅ Lawful basis for processing
  • ✅ Right to access, deletion, portability
  • ✅ Data protection officer designated
  • ✅ Privacy by design
  • ✅ Breach notification (72 hours)

CCPA (California)

  • ✅ Right to know what data is collected
  • ✅ Right to delete
  • ✅ Right to opt-out of sale (we don't sell data)
  • ✅ Non-discrimination

HIPAA (Healthcare)

Available for Enterprise:

  • ✅ Business Associate Agreement (BAA)
  • ✅ Encrypted data storage
  • ✅ Access controls
  • ✅ Audit logging
  • ✅ Breach notification

SOC 2 Type II

  • ✅ Annual audit
  • ✅ Security controls
  • ✅ Availability controls
  • ✅ Confidentiality controls
  • ✅ Report available on request

Privacy-First Features

Data Minimization

We only collect what's necessary:

✅ Collect: Email (required for account)
❌ Don't collect: Date of birth, address, phone

Purpose Limitation

Data is used only for the stated purposes:

  • Provide AI services
  • Improve platform
  • Support customers
  • Comply with legal obligations

NOT used for:

  • Marketing to non-customers
  • Selling to third parties
  • Training public models

Anonymization

Analytics use anonymized data:

Personal: user-123 asked "What is pricing?"
Anonymous: User in segment X asked category Y question

Incident Response

Data Breach Protocol

If a breach occurs:

  1. Detection: Identify and contain (< 1 hour)
  2. Assessment: Evaluate scope and impact (< 6 hours)
  3. Notification: Inform affected users (< 72 hours)
  4. Remediation: Fix vulnerability
  5. Review: Post-mortem and improvements

User Notification

You'll be notified if:

  • Data breach affects your account
  • Unauthorized access detected
  • Security settings changed
  • Suspicious activity observed

Privacy Settings

Organization-Level

{
  "privacy": {
    "dataResidency": "US",
    "allowDataTransfer": false,
    "requireMFAForAdmins": true,
    "sessionTimeout": 3600,
    "encryptionLevel": "STRONG"
  }
}

User-Level

Users can control:

  • Data sharing preferences
  • Analytics inclusion
  • Email communications
  • Third-party integrations

Best Practices

1. Classify Your Data

  • ✅ Identify sensitive data
  • ✅ Apply appropriate controls
  • ✅ Restrict access
  • ✅ Audit regularly

2. Enable Private Data Mode

  • ✅ For sensitive use cases
  • ✅ For compliance requirements
  • ✅ For controlled environments

3. Regular Audits

  • ✅ Review access logs quarterly
  • ✅ Verify permissions annually
  • ✅ Remove inactive accounts
  • ✅ Update security policies

4. Train Your Team

  • ✅ Privacy awareness training
  • ✅ Data handling procedures
  • ✅ Incident reporting
  • ✅ Secure practices


Last updated January 25, 2026