Chat Bot Agent Logging Policy

This policy defines what data we collect as part of providing AI chat bot services, how it's stored, and the conditions under which we access it.

Data We Collect

Web traffic logs are collected and stored both locally for 30 days, and in AWS CloudWatch for one year. These logs contain browser user agent strings, and IP addresses. They do not contain chat prompts. Access to these logs is available to AIML and Infrastructure team members.
Server performance data: For example CPU usage, and memory utilization. This data is recorded in AWS timestream, and made visible to all Network Ninja staff through Grafana dashboards.
Other server log files that contain information relevant to the system and security, such as server specific access logs are kept locally and in AWS CloudWatch for one year.

Chat prompts exist in the Docker logs of running containers and system journal logs (which persist for ~1 month on disk, and another in backups). Chat prompts are stored in AWS DocumentDB by design to support the application. Access to the database and temporary Docker logs is available only to the AIML team and limited members of the Infrastructure team.
The Azure OpenAI API service logs chat prompts that trigger abuse filters. Those logs are only available to select members of the Infrastructure team.

There are two conditions under which we will retrieve chat prompts:

When required by law under a subpoena.
When a sufficient amount of traffic is flagged as abusive, or is brought to our attention by a model provider we will contact the user and request permission to review the logs with them to investigate the matter. Accounts that refuse this request will be removed.