HALO Security
The following data protection & security measures are in place:
All knowledge and conversations are saved on CM.com's internal databases, with a separate database for every client. Knowledge is never used for training/tuning LLMs.
Data goes through an anonimisation process before going to any LLM, and is re-identified before it goes to the user. As such there is no personally identifiable information flow towards the LLM.
Measures are taken against LLM pitfalls such as hallucinations & prompt injection.
The Engine is GDPR Compliant. All LLM models are hosted in Europe.
According to the AI Act, HALO classifies as a limited-risk system.
CM.com qualifies as both the provider and deployer of the AI system. As such, CM.com is the owner of the model itself, whereas clients are the owner of the knowledge. A client's knowledge is deleted when they are no longer a client.