PuppyAgent
PricingArticle
Join Waitlist

Security

Last updated: Oct 24, 2024

Introduction

At PuppyAgent we prioritize the security and privacy of your data. This page outlines our comprehensive approach to safeguarding your information and ensuring the integrity of our AI-powered platform.

If you discover a potential security vulnerability, please report it immediately to our dedicated security team at puppyteam@puppyagent.com.

For any security-related inquiries or concerns, please contact us at puppyteam@puppyagent.com.

While PuppyAgent is trusted by several large organizations, we are continuously enhancing our security measures and expanding our capabilities. We recommend that users in highly sensitive environments carefully evaluate the use of PuppyAgent, as with any AI tool. This page provides transparency into our current security posture and ongoing improvements to help you make an informed risk assessment.

Certifications and Third-Party Assessments

We commit to doing at-least-annual penetration testing by reputable third parties. Please email puppyteam@puppyagent.com to request a copy of the report.

Infrastructure Security

We depend on the following subprocessors, roughly organized from most critical to least. Note that data is sent up to our servers to power all of PuppyAgent s AI features (see AI Requests section).

AWS

Our infrastructure is primarily hosted on AWS. Most of our servers are in the US, with some latency-critical servers located in AWS regions in Asia (Singapore) and Europe (London).

OpenAI

We rely on many of OpenAI's models to give AI responses. Requests may be sent to OpenAI even if you have an Anthropic (or someone else's) model selected in chat (e.g. for summarization). We have a zero data retention agreement with OpenAI.

Anthropic

We rely on many of Anthropic's models to give AI responses. Requests may be sent to Anthropic even if you have an OpenAI (or someone else's) model selected in chat (e.g. for summarization). We have a zero data retention agreement with Anthropic.

Slack

We use Slack as our partner communication tool. .

Discord

We use Discord as our internal communication tool. We may send snippets of prompts of non-privacy users in our internal chats for debugging.

Google Workspace

We use Google Workspace for our email and collaboration tools.

Stripe

We use Stripe for payment processing.

Vercel

We use Vercel for static site generation and deployment.

Client Security

PuppyAgent takes client-side security seriously. We implement various measures to ensure the safety of your local environment:

  • End-to-end encryption for all communications between the client and our servers
  • Regular security audits of our client-side code
  • Automatic updates to patch any discovered vulnerabilities

AI Requests

To provide its features, PuppyAgent makes AI requests to our server. This happens for many different reasons. For example, we send AI requests when you ask questions in chat, we send AI requests on every keystroke so that PuppyAgent can make generations for you, and we may also send AI requests in the background for building up context or looking for bugs to show you.

An AI request generally includes context such as your recently viewed prompts or files, your chat history. This data is sent to our infrastructure on AWS, and then to the appropriate language model inference provider (OpenAI/Anthropic/Google).

You own all the data generated by PuppyAgent.

Account Deletion

You have full control over your account data:

  • You can request account deletion at any time
  • All associated data, will be permanently removed
  • Deletion process typically completes within 30 days

Vulnerability Disclosures

We appreciate responsible disclosure of security vulnerabilities:

  • Please report vulnerabilities through our email puppyteam@puppyagent.com
  • We commit to addressing critical vulnerabilities within 24 hours
  • A bug bounty program is available for eligible disclosures