Retool AI and handling sensitive data

I have a question about handling secure and sensitive data while also leveraging the Retool AI chatbox component.

For our internal system, I would love to have a natural language chatbox do some of our analysis and answer questions off our internal data, but I want to be smart about data security and what is sensitive and what isn't. How are people handling secure data and still being able to allow the Retool AI and OpenAI to run analysis for you?

I have been reading on best practices and security protocols, even OpenAI's own policy, but my primary risk is not allowing enterprise data to be revealed and leveraged for training and potentially leaking information. Any help and guidance would be hugely appreciated!


Hey @Derek - OpenAI doesn't train on inputs or outputs through their API (stated in the callout at the top here: https://platform.openai.com/docs/concepts).

That said, if you want additional control, you could host your own open-source model, connect it to Retool with a custom AI provider, and connect it to your chat component.


Thanks for the response @kent!

I have been between those two options of self-hosting an open-source model or going with the out-of-the-box OpenAI functionality. In doing some research, I see that by default OpenAI doesn't train on or reuse any of the API data that is sent to it, unless specifically opted in for training. I don't think I have this option as a user, so I wanted to verify with you guys at Retool if the data sharing options for the API are also opted out?

Also, OpenAI doesn't specify the retention period of the data that is sent to it; it says that it is usually specified by the sender as well. Would you have any idea how long data is retained after using the Retool to OpenAI API?