Q: What type of data do you store and how is it encrypted at rest?

A: InsightHive is designed for zero retention of case content: we do not persist audio recordings, transcripts, prompts, or model outputs. We store only minimal operational data needed to run the service (e.g., user accounts, tenant configuration, access logs/metrics as configured). Any data that is stored is encrypted at rest.

Q: What type of encryption do you use for data in transit?

A: All network traffic between the client to InsightHive cloud services uses TLS. We enforce HTTPS for application and API traffic.

Q: Is there anyone at your company that would have access to our data at any time?

A: By default, InsightHive personnel do not access customer content, and we do not retain that content in our systems. Administrative access to infrastructure is role-based, least-privileged, and auditable.

Q: Do you store or process any data outside of the US?

A: No. Our production environments are US-based only.

Q: Is our data used to train your AI model?

A: No. We do not train or fine-tune models on customer data as part of any operations. We use commercially available, pre-trained models. Additionally, our LLM endpoint is configured so the model provider does not use submitted content for training of any kind.

Customer prompts (inputs), and completions (outputs):

1. are NOT available to other customers,

2. are NOT used by third party model providers to improve their models or services,

3. are NOT used to train any generative AI foundation models

Q: Do you have a Modified Abuse Monitoring agreement with Microsoft?

A: Yes. We have opted out of all abuse monitoring, data logging, human review, and provider-side content retention where applicable for all cloud and model providers.