# Security and privacy

Please review the following resources before reaching out about security questions. If your questions are unanswered below, please feel free to contact support for more info!

<table data-view="cards" data-full-width="false"><thead><tr><th align="center"></th><th data-type="files"></th><th data-hidden data-card-target data-type="content-ref"></th></tr></thead><tbody><tr><td align="center">Privacy Policy and Terms</td><td></td><td><a href="https://www.eesel.ai/privacy">https://www.eesel.ai/privacy</a></td></tr><tr><td align="center">Trust Center</td><td></td><td><a href="https://app.aus.vanta.com/eesel.ai/trust/5ncypy4hkv10s9yf7il8sp">https://app.aus.vanta.com/eesel.ai/trust/5ncypy4hkv10s9yf7il8sp</a></td></tr><tr><td align="center">Cloud Service Agreement</td><td><a href="/files/BauWkLacoPdKuBDCxPRp">/files/BauWkLacoPdKuBDCxPRp</a></td><td></td></tr></tbody></table>

## EU Data Residency

We’ve updated our policy to host data exclusively on EU servers upon request and our subprocessors, OpenAI and Pinecone, are SOC2 Type II certified for robust data security.

Please let us know if you want to be hosted on EU servers.

## Storing and processing data

The data you provide access to is securely stored in a SOC2 Type II certified vector database in the form of embeddings (mathematical representations). These embeddings are crucial for the app to answer questions.

When a request is made, the app uses the embeddings to find related pages and conversations, and shares only specific relevant snippets with OpenAI to generate the response.

## FAQ

<details>

<summary>Can I enable MFA?</summary>

Yes, this is a custom item that we can arrange for you. Please contact our in-app support once on a paid plan.

</details>

<details>

<summary>How does eesel handle prompt injection attacks in Confluence?</summary>

The LLM is never given a token or API access to look at the confluence info via tools or any means so prompt injection is not possible. Each bot has a separate copy of the data and it can access nothing else, and this copy is maintained programmatically.

</details>

<details>

<summary>How do we ensure only certain Confluence spaces are shared with the bot?</summary>

The LLM is never given a token or API access to your Confluence environment. It only works with a copy of the data you explicitly share with the bot, and that copy is maintained programmatically

</details>

<details>

<summary>Is eesel AI HIPPA compliant?</summary>

No, eesel is not HIPPA compliant. However, we work with several healthcare companies. We recommend exploring custom data retention options with us - please reach out with your specific data retention requirements for us to discuss further.

</details>

<details>

<summary>Does eesel have indemnity insurance?</summary>

Yes! Please reach out for more details.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.eesel.ai/legacy/pricing-admin-and-more/security-and-privacy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.