API Compliance with Fintech companies

I’m building a startup targeting private equity firms, which often process confidential documents called CIMs. I want these firms to be able to trust me as a company with their private, confidential, data.

I read here that openai doesn’t use any data for training, but they may conditionally keep it for 30 days, unless you have a good reason for them not to.

Can someone clarify how I can ensure that i’m keeping private data secure using openai API if that’s even possible?


Hi and welcome to the Forum!

There’s a couple of things you may consider:

  1. Applying for zero data retention: Some information regarding on this here. Based on some anecdotal evidence from other user posts, it may however take long / be difficult to get such an exemption.

  2. Consuming OpenAI’s models via Azure OpenAI studio where you have certainty that your data will not be retained or shared with OpenAI. See additional info here.

If it helps, I made a blog about everything you wanna know. Here: OpenAI Data Policies: Data Usage and Retention Period - DreamInForce.com