Training data privacy and knowledge base
# 🤝help
We have received several requests from our European clients regarding the privacy and safety of their data. Especially clients processing sensitive data such as banks want more information. I have read through the privacy statement, and I mainly want to get clarity on where the data uploaded to the knowledge base is stored and if Botpress is GDPR compliant?
Would also like to know if Botpress has any certificates such as SOC 2 or ISO 27001 and what data encryption and access control measures are installed. Who can I contact for more information on this matter?
hi @gorgeous-family-13200 - @freezing-printer-49373 will be the best point of contact. He said he'll get back to us by tomorrow.
Hey leonard,
we currently use Drata to monitor all GDPR compliance controls and are in the process of self-certifying with the FTC
for reference
Thanks for the reply @freezing-printer-49373 - appreciate the reference to the EU-U.S Data Privacy Framework! Clients are mainly asking for certificates like SOC 2/ISO 27001 and more information about data storage for enterprises to know that they are choosing a trustworthy partner. Have you also obtained those certificates through Drata? And is it possible to request more information on the security measures regarding encryption, data storage etc. as written in the privacy statement?
We are currently undergoing a SOC 2 audit. For the shareable security collateral, we are working on it
you can email me about specific security questions. If you client has a short standard vendor questionnaire we can possibly take a look
Thank you for the help. It is a heavy focus point for bigger businesses here in European countries, so just trying to make sure that we can continue delivering solutions with Botpress. May I get your email?
We are also looking forward to a european solution. Do you have any timeframe when the SOC 2 audit will be finished and you can provide further documentation regarding GDPR ?