🔐Security
Last updated
Last updated
At Prst.ai, we prioritize your privacy and understand the critical importance of security. That's why we've developed a self-hosted version of Prst.ai that can be seamlessly installed within your private network.
Prst.ai stores only necessary information for it's operations. These information is fully depends on what you, or your team posts to prst.ai.
Because of that the stored information may contain:
all input comes from your system as prompt parameters
all output data comes from external AI providers
feedbacks
any data proxy through prst.ai
system logs
credentials that you may pass to prst.ai
Prst.ai does not transmit any personal or technical information about your system outside your environment. We prioritize your data privacy, and as such, we do not utilize any metrics, logs, or other information regarding your executions, your system, or environment.
❗️Note: For support operations, we may contact you directly in accordance with our General Agreement or based on a custom NDA or Contract.
If the support option is purchased, the Prst.ai installation may send requests outside your system to notify us at PRST.AI about your support request. During this operation, the following information may be sent:
While Prst.ai installation relies on your infrastructure, all sensitive information is stored encrypted and accessed only when necessary. Such information as credentials to external AI providers uses ENCRYPTION_SECRET you can provide via ENV Variables to encrypt it. It's also possible to use external DB to store all of your data in encrypted way such as AWS RDS or any similar.
💡 Note: Please refer to your regulation to make sure the way YOU USE prst.ai is align with it.
As Prst.ai is a self-hosted solution installed within your network, you maintain full control over data practices and ownership. By default, Prst.ai does not store any personal information and operates solely within your installation. It's important to align your usage of Prst.ai with relevant regulations, such as GDPR, HIPAA, CCPA, and others.
❗️Note: For support operations, we may contact you directly in accordance with our General Agreement or based on a custom NDA or Contract.
Generate a strong encryption_secret to encrypt your data in the database and pass it via environment variables during installation.
Keep your Prst.ai solution within a private network with VPN access granted to individual organization members. Avoid making your private Prst.ai server publicly accessible to minimize security risks.
After installation, reset the password for the administration account to a strong, unique password that differs from the initial installation credentials.
Avoid sharing credentials via chats, messengers, or personal accounts. Utilize password managers like Bitwarden to securely store and manage your Prst.ai administrator password.
Secure your server where Prst.ai is installed with practices such as port restrictions, security groups, IP whitelisting, etc. Ensure that only trusted users, such as your DevOps team, have access to the installation and its configurations.
| Field | Description |
|---|---|
Organization
The organization name, provided via ENV Variables during installation
License Key
Prst.ai internal key for installation tracking
Email of the administrator, provided via ENV Variable ROOT_EMAIL
Support Category
Predefined text to identify the purpose of the support request
Description
Additional information provided during support request creation
Ticket ID
Unique identifier of the ticket inside your system
