How We Keep Your Data Safe at Agentsy
At Agentsy we take data safety and security seriously - in fact it’s one of the driving forces behind why we made our platform and position it as the one, central place for your team to use AI at work.
Multiple recent studies have found that 50% of employees use unauthorised AI tools at work - tools that your business has no oversight of and no assurances that submitted data will be protected. We take the opposite approach, selecting each element of our technology stack to ensure your company information is respected and protected.
We also allow your business to set guardrails, such as the company tone of voice and agent-specific knowledge bases, to ensure content generated by our agents sounds like you and is grounded in your business policies, procedures and knowledge.
Here is a high-level overview of the key components of our technology as they pertain to data safety and security.
AI Models
We access AI models through their paid API services, which come with specific terms that protect your data and grant you ownership rights over any generated content. This is a considerable step up security-wise from using public tools.
OpenAI’s business terms are a good example of this, especially clauses 3 and 4, which focus on keeping your input data private and secure. The key point here is in clause 3.2: "We will not use Customer Content to develop or improve the Services."
Before integrating any models into the Agentsy app, we thoroughly review their terms of service to ensure they meet our high standards for user protection. We mirror these protections in our Agentsy terms of service, with clauses 7 and 8 being particularly relevant.
In essence, while your data does pass through different model providers, there are explicit protections in place to ensure you retain ownership and it isn’t used to train the AI models or improve their services.
Document Storage
Any documents you upload to Agentsy are stored securely in their original form in an Amazon S3 bucket, hosted on secure servers in Australia. We separate documents at the organisation level, and within each organisation they’re further segmented by specific agents and then by user.
This segmentation is achieved through object names: the segmentation is prepended to the file name. Although AWS uses a flat file structure, this prefix naming scheme ensures your documents are secure and that only users from your organisation are able to access them. As a further note, there is currently no function in the application for anyone (whether part of your organisation or not) to retrieve the documents in their original form; we simply hold them in Amazon in case we need to retrain the vector database for any reason.
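The prefix scheme described above, as an added example that is not Agentsy's own code: the key layout `<org>/<agent>/<user>/<file name>`, the `/` separator and all function names are assumptions. It shows why a key should be matched to a tenant segment by segment rather than with a plain string-prefix test, and why the uploaded file name must not be able to alter the prefix.

```python
import re

# Assumed layout (the page gives the order org -> agent -> user, not the format):
#   <org_id>/<agent_id>/<user_id>/<file name>
ID_PATTERN = re.compile(r"[A-Za-z0-9_-]{1,64}")


def check_id(value, label):
    """Identifiers may not contain '/' or dots, so they cannot change the prefix."""
    if not ID_PATTERN.fullmatch(value):
        raise ValueError(f"invalid {label}: {value!r}")
    return value


def build_key(org_id, agent_id, user_id, filename):
    """Build the object name with the tenant segmentation prepended."""
    prefix = [
        check_id(org_id, "org_id"),
        check_id(agent_id, "agent_id"),
        check_id(user_id, "user_id"),
    ]
    # Keep only the final path component of whatever the client sent.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    if name in ("", ".", "..") or any(ord(c) < 32 for c in name):
        raise ValueError(f"invalid file name: {filename!r}")
    return "/".join(prefix + [name])


def key_belongs_to(key, org_id, agent_id=None, user_id=None):
    """True only if the key sits under the caller's prefix.

    Segments are compared whole, so org 'acme' never matches 'acme-evil',
    which a naive key.startswith('acme') check would accept.
    """
    segments = key.split("/")
    if len(segments) != 4 or "" in segments or ".." in segments:
        return False
    expected = [org_id, agent_id, user_id]
    return all(want is None or want == got
               for want, got in zip(expected, segments))


if __name__ == "__main__":
    # Constructed sample values, not real tenants or documents.
    key = build_key("acme", "support-bot", "u42", "../../other/policy.pdf")
    print(key)                                                     # traversal stripped
    print(key_belongs_to(key, "acme"))                             # same organisation
    print(key_belongs_to("acme-evil/support-bot/u42/x.pdf", "acme"))  # other tenant
```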
Vector Database
To make the information in your documents accessible to LLMs, it is vectorized and stored on Pinecone servers. Pinecone is the industry leader in vector databases and is deeply committed to security. All vectorized data is isolated through the use of Pinecone namespaces and encrypted both at rest and in transit. Namespaces are Pinecone’s recommended solution for implementing multitenancy on the platform.
OAuth Authorisation
We use Pipedream managed OAuth clients for authorisation and connection into the services that you want your AI agents to access. Pipedream is a leading integration platform trusted by over 1 million developers from startups to Fortune 500 companies. They are SOC 2 Type II, ISO 27001, HIPAA and GDPR compliant.
Agentsy Code Base
Our code base runs on Render servers, another provider that takes security seriously. While this doesn’t directly impact your information or documents, it’s worth mentioning to highlight our overall commitment to security.