Data Privacy and Security
At Hinchilla, we take your data privacy and security seriously
Your Data Remains Your Own
All data remains your own and if you remove it from our servers it is gone from our systems for good. None of your grant application content could leak into the public domain through the AI tools we use.
We understand your data privacy is key to using a service like this, so we would never share any of your data with other customers (or vice versa).
Your data isn't used to train AI models
The first thing to note is that we do not train AI models on your data or use other tools which would.
Note: Training models refers to the practice of taking your data and using it to train a new AI model. For example, the latest versions of Chat GPT have been trained in part on messages and data people have put into past chats with it.
Public tools like ChatGPT and Claude will retain data submitted through the chat interface and they state they will use this data to train future models. This is a legitimate source of concern about sharing data with AI tools.
We do not train our own models but we do use those companies' APIs (Application Programming Interface, simply put this is what allows our computers to talk to their computers).
Importantly, they do not train their models using data passed to the APIs. They do retain data for a limited period of time (typically 30 days) to assist with debugging but will remove the data after that.
In this way we can be satisfied that data you share with us will remain yours and will not leak out into the public datasets of these AI companies.
Sources:
"Your data is your data. As of March 1, 2023, data sent to the OpenAI API is not used to train or improve OpenAI models (unless you explicitly opt in to share data with us)."
"We will not use your Inputs or Outputs to train our generative models (i.e. Claude), unless you've explicitly reported the materials to us (for example via our feedback mechanisms as noted below) or you've explicitly opted in to training (for example by joining our trusted tester program)."
Your data is secure
There is an unavoidable level of jargon below, feel free get in touch for clarification on anything. We've tried to be clear on what it all means in practice.
All data is stored securely, which means it is:
Stored in secure locations: Specifically with Amazon Web Services (AWS), probably the largest provider on the planet of web hosting/servers. There are multiple layers of security in place at the physical locations servers are hosted, via a variety of technological and human measures.
Encrypted: All data stored on our servers is encrypted using AWS storage layer encryption. This means that if somehow someone managed to access the data it would still be unreadable for them.
Not accessible by anyone who doesn't need access. We maintain careful access controls so only team members who need access can gain access.
All servers are secured behind firewalls. Monitoring is carried out by both ourselves and AWS to identify unusual or suspicious behaviour.
Transferred securely. Meaning data passed from your machine to our servers and back is always encrypted so it can't be intercepted.
We're people you can trust
Our team has been building web apps for about 25 years, working at small companies where responsibility for all aspects of development were handled by ourselves and other members of the small team.
At previous companies we built and managed software for use in the NHS, UK councils, the BBC and CNN. Since building our own business 10 years ago we have built a number of add-ons to the popular project management tool Trello. These are mostly reporting tools which extract data from Trello to report on.
We've been GDPR compliant since that was a thing and always take data security and privacy seriously.