Data & Security
At Benton, data security and protection are paramount. Our ethos is to only work with tools and apps that take a comprehensive approach to safeguarding all data and upholding confidentiality and integrity.
Our partners have a range of certifications from independent third parties such as AICPA’s SOC for Service Organizations, SOC 2 Type II and SOC 3, and compliance with CCPA and CASA Certification.
Quick Overview:
No Model Training with User Data: We guarantee that user data is not used for model training purposes.
Enterprise-Level Data Security: We employ advanced encryption protocols, ensuring top-tier security for data both in transit and at rest.
Compliance with CCPA and CASA Certification: Our partners and tools adhere to CCPA regulations and have achieved CASA certification, reflecting our commitment to secure API integrations and user privacy.
Advanced Infrastructure Security: Our security infrastructure includes row-level security and granular access control, protecting against unauthorized access.
SOC 2 Type II and SOC 3 Certification: Other partnerships and tools have achieved high certifications, such as SOC 2 Type II and SOC 3 Certification.
For further details, please review the comprehensive policy below.
Secure Data Storage and Advanced Encryption
All knowledge base data, chats, and other pertinent information are securely stored in our encrypted database on Amazon Web Services (AWS). We utilize advanced encryption methods, including TLS for data in transit and AES-256 for data at rest, ensuring robust data security.
Chrome Plugins: A Secure Extension
The Chrome Plugin mirrors our partner web application, offering a secure interface for data management. All data accessed and utilized via the Chrome Plugin is stored securely in our partner’s primary database.
Collaboration with OpenAI and Data Privacy
We process user queries in collaboration with OpenAI, adhering to stringent data privacy and security standards. Minimal, relevant data is securely transmitted to the OpenAI API without being used for future model training or retained on their servers. For detailed information on OpenAI's data policies, visit [OpenAI API Data Usage Policies](https://openai.com/policies/api-data-usage-policies).
Compliance with CCPA Regulations
Our partners rigorously adhere to the key principles of the California Consumer Privacy Act (CCPA), including the rights to know, delete, and opt out, alongside non-discrimination and fulfillment of business obligations. These practices ensure that we respect and uphold the privacy rights of California consumers in compliance with CCPA regulations.
CASA Certification and Secure API Integration
Our partners have achieved CASA certification, which is essential for security compliance in API integrations, including the Google Drive API. This certification underscores our compliance with critical security standards, vital for the secure integration of various APIs.
Infrastructure Security: Row-Level Security and Access Control
At the infrastructure layer, our partners implement row-level security, necessitating specific authentication methods for database access. Our access control is meticulously granulated, with distinct separation at both organization and individual user levels, bolstering security against unauthorized access.
SOC 2 Type II and SOC 3 Certification
Other partnerships and tools have achieved high certifications, such as SOC 2 Type II and SOC 3 Certification. Partners that do not have these certifications are actively in pursuit of the highest certifications they can possibly obtain to further demonstrate our teamwork and dedication to the highest standards of data security and trust.
Contact for Inquiries
If you have any further inquiries or need clarification regarding our data and security policies, please contact us at support@heybenton.com. We are committed to offering transparent and prompt support to all our users.