Vectro SaaS Privacy and Security Datasheet

Introduction

Vectro provides customers visibility and analytics into their Sales motion by fetching and correlating data from various software-as-a-service (SaaS) applications and tools which the customer has enabled access. Some examples of analytics derived from this data are AI Scorecards, Indicators of methodology adherence across the sales team, coaching insights and custom insights. Vectro connects to applications such as Call Recording Software, Cloud Storage and other custom tools. Vectro can connect to tools that either are hosted in the customer’s environment (on-premises) or are available as a software-as-a-service offering.

Data Flow Diagram 

The diagram below illustrates the data flow of the Vectro SaaS product.
*Note - Vectro does not store customer call recordings but only metadata associated with it.

Security and Privacy of Data in Vectro SaaS

Access to Data

Each customer’s account is setup using role-based access configurations in Vectro. Data contained within the Vectro environment is limited to only authorized personnel for the purposes of troubleshooting. All such access is logged and can be reviewed by the customer. Access to Vectro’s production environments is protected by multiple factors of authentication - 2FA over SSL/TLS in addition to certificate-based authentication to the production environment.

Data Retention

Vectro restricts the amount of customer data it fetches from various SaaS and other tools. The raw data and processed data is retained, as long as the customer keeps the service active. Data fetched from SaaS products or other tools is called raw data. Metadata, insights and metrics is classified as processed data.

Data Processing Options

Vectro offers customers the flexibility to run call analysis using text, audio, and vision modalities. Customers can choose which modalities the analysis will cover. As an example, an existing customer had concerns with running vision analysis so Vectro limited the analysis to text and audio for that customer.

Security

Vectro supports user authentication via username and password. In the future, support for SSO will be added. Processed data is encrypted in the Vectro SaaS environment using AES-256. Customers can request for raw data to be deleted post processing. Each customer’s data is further isolated from each other and protected by access controls.

Security and Privacy of Data in Third Party System (Microsoft Azure Open AI)

Vectro uses Microsoft Azure Open AI. The Azure OpenAI Service is fully controlled by Microsoft; Microsoft hosts the OpenAI models in Microsoft’s Azure environment and the Service does NOT interact with any services operated by OpenAI (e.g. ChatGPT, or the OpenAI API).

Data Retention

- Prompts and generated content (completions) are retained for up to 30 days within Microsoft Azure OpenAI to facilitate abuse detection and monitoring.
- The models are stateless: no prompts or generations are stored in the model. Additionally, prompts and generations are not used to train, retrain, or improve the base models.

Privacy 

Vectro’s prompts (inputs) and completions (outputs), embeddings, and training data:
- are NOT available to other customers.
- are NOT available to OpenAI.
- are NOT used to improve OpenAI models.
- are NOT used to improve any Microsoft or 3rd party products or services.
- are NOT used for automatically improving Azure OpenAI models (The models are stateless, unless explicitly fine-tuned)

Additional information on data, security and privacy of Azure Open AI can be found here


Please note that the information provided here concerning technical or professional subject matter is for general awareness only, may be subject to change, and does not constitute legal or professional advice, warranty of fitness for a particular purpose, or compliance with applicable laws.