The highest level of commitment to your data security
Stringent policies
Our security program incorporates both governance and technical controls to guarantee the security and continuous monitoring of the platform, data, and code. Our security policies adhere to the NIST 800-53 Moderate and NIST Cybersecurity Framework (CSF).
Data encryption
We encrypt all data within DaVinci systems both in transit and at rest. Data in transit is secured through TLS 1.2+ protocols, with systems configured to mandate the TLS protocol, aligning with industry standards for externally facing systems. For data at rest, we utilize symmetric encryption (AES-256) to safeguard it, ensuring that only authorized users can access and view the data.
Zero data retention API
davinci accesses the AI model through private, dedicated servers and through a zero-retention APIāmeaning OpenAI cannot view any of that data, store it longer than required to process the request, or use any of it to train the AI model.
Highest standard
davinci collaborates with third party experts to challenge our security program. Regular vulnerability assessments, penetration tests, and reviews of our policies, vendor and risk management programs are key components of our security strategy.
The most demanding certifications & standards
davinci consistently strives to surpass established data security best practices, ensuring that we not only meet but exceed them. At present, we hold all prominent certifications for our security policies and frameworks.