quivr/docs/privacy-and-compliance.mdx

34 lines
1.9 KiB
Plaintext
Raw Normal View History

---
title: Privacy & Compliance
---
# Privacy & Compliance
At Quivr, we prioritize the security and privacy of our users. This document outlines our commitment to privacy and compliance, detailing our security measures, telemetry use, row-level policy enforcement, local data handling, and compatibility with various Language Learning Models (LLMs).
## Open-Source Security Model
Quivr is built on an open-source model, allowing for transparency and community-driven security enhancements. Our codebase is publicly available for review, ensuring that security experts can audit and contribute to our security practices.
## Responsible Use of Telemetry
Telemetry data is used to improve user experience and product performance. We collect minimal data necessary for these purposes, ensuring it is anonymized and securely stored. Users have the option to opt-out of telemetry collection.
## Row-Level Policy Enforcement
Security is enforced at the database level through row-level policies. This ensures that data access is strictly controlled, with users only able to access data they are explicitly permitted to view or modify.
## Local Data Handling
All data processed by Quivr remains local, ensuring that no data is sent outside without explicit user consent. This local-first approach guarantees data privacy and sovereignty.
## Compatibility with Any LLM
Quivr is compatible with any Language Learning Model, including local server-run models. This flexibility allows users to choose the most suitable model for their needs, whether it's for privacy reasons or specific feature requirements.
## SOC2 Compliance
Through our partnership with Porter & Oneleet, we offer SOC2 compliance within 90 days for instances managed by Quivr. This demonstrates our commitment to maintaining high standards of security and data protection.
By adhering to these principles, Quivr ensures a secure, private, and compliant environment for all users.