> For the complete documentation index, see [llms.txt](https://support.meetuma.ai/uma-knowledgebase/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://support.meetuma.ai/uma-knowledgebase/data-and-reporting/analytics-pro/ai/ai-security-and-data-privacy.md). # AI Security & Data Privacy 🔐 This document explains how UMA Vision uses AI services (Anthropic Claude and OpenAI), what customer data is involved, and what protections are in place. *** ### Summary UMA Vision uses AI **exclusively via API calls** to Anthropic and OpenAI. No customer data is used to train AI models. No data is stored by the AI providers after a request completes. This applies to all AI features in Analytics Pro. *** ### How AI Calls Work When a user invokes an AI feature in UMA: 1. UMA's backend (gateway-service) constructs a prompt containing aggregated analytics data — for example, room utilisation percentages, building names, sensor averages, and the selected date range. 2. That prompt is sent over an encrypted HTTPS connection to the relevant provider's API endpoint (Anthropic or OpenAI). 3. The provider's model generates a response and returns it. 4. UMA displays the response to the user. The raw prompt and response are **not stored** by UMA's backend (only token counts are recorded for cost monitoring). The entire exchange happens in real time. There is no persistent session, no caching of customer data on the provider's side, and no feedback loop back into any model. *** ### What Data Is Sent in a Prompt AI prompts contain **aggregated, non-personal analytics metrics** only: * Building and floor names * Resource names (e.g. "Meeting Room A") * Utilisation percentages, occupancy counts, energy totals, sensor averages * Selected date ranges * The user's specific question (for agent interactions) AI prompts do **not** contain: * User passwords, authentication tokens, or credentials * Raw device logs or individual sensor readings * Personally identifiable information (PII) such as employee names, emails, or badge numbers * Financial or legal data * Data from outside the currently selected building/floor scope *** ### No Training on Customer Data #### Anthropic (Claude) Under Anthropic's API usage policy, inputs and outputs submitted via the API are **not used to train Anthropic's models**. This is a contractual commitment that applies to all API customers by default, with no opt-in required. Reference: [Anthropic API Usage Policy](https://www.anthropic.com/legal/aup) #### OpenAI (GPT-4.1) Under OpenAI's API data usage policy, data submitted via the API is **not used to train OpenAI's models** by default. API customers are automatically opted out of training data collection. Reference: [OpenAI API Data Usage Policies](https://openai.com/policies/api-data-usage-policies) *** ### Data Residency and Transit * All API calls are made over TLS 1.2+ (HTTPS). Data is encrypted in transit. * Anthropic's API infrastructure is hosted in the United States. * OpenAI's API infrastructure is hosted in the United States. * Prompts and responses are held in memory only for the duration of the request — neither provider persists API request content after the HTTP response is returned. UMA Vision does not send customer data to any AI provider outside of a live user-initiated action (i.e. no background batch processing of customer data by AI). *** ### Token Logging (Internal) UMA records `promptTokens` and `completionTokens` per AI interaction in its own database for cost monitoring and billing purposes. This is a count of tokens, **not the content** of prompts or responses. No message text is stored server-side. *** ### Summary of Guarantees | Question | Answer | | ------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | | Is customer data used to train AI models? | No — API usage is explicitly excluded from training by both Anthropic and OpenAI | | Does UMA share customer data with third parties for AI? | Data is transmitted to Anthropic/OpenAI only to generate a response; it is not shared with any other party | | Is prompt content stored by the AI provider? | No — API request content is not retained after the response is returned | | Is personally identifiable information sent in prompts? | No — only aggregated analytics metrics and resource names | | Are AI calls encrypted? | Yes — all calls use HTTPS / TLS | | Is there any unsupervised background AI processing? | No — AI is only invoked by explicit user action | --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://support.meetuma.ai/uma-knowledgebase/data-and-reporting/analytics-pro/ai/ai-security-and-data-privacy.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.