ChatGPT Plugin FAQ

Privacy is at the heart of everything we do at eesel. Our extension is Fast Company’s top new apps of 2022 and has 11k monthly users in companies like Atlassian, Shopify and Intercom. A key reason for our success has been our privacy first approach.

We’re now kicking off ChatGPT Plugins. This works alongside a Chrome extension which lets you index internal company documents and other browser files to a Pinecone store made only for you (we create this and securely store embeddings for you), and then via the ChatGPT Plugins (like "Aaron AI"), your ChatGPT can get access to this additional context.


You’ll be able to ask any question and ChatGPT will be able to answer based on any custom knowledge you teach it. It's built on top of the open source ChatGPT Retrieval Plugin repository.


Here’s a run through commonly asked questions related to our ChatGPT Plugins. For any questions about this, simply email hi@eesel.app.

FAQ

What data does this read, and why?

You have full control over what data is made available to the app. The browser extension will read page data you give access to. It reads page title and content of open tabs when you explicitly trigger an import. It doesn’t read any other page data. When a question is asked to the app, this data is the context the ChatGPT plugins base their responses on.

How is the data stored?

We store embeddings (mathematical representations) of the data you give access to securely on eesel servers and used solely for providing the functionality of this service. This is critical to share additional context for the ChatGPT plugin to then answer questions. Whenever you make a request, the app uses the embeddings to find related conversations and pages, and only these conversations and pages are shared with OpenAI as “context” (via the ChatGPT Plugin) based on which the response to the question is generated. We do not share, sell, or lease personal information about you to any third-parties for their marketing use.

How long is the data retained?

Any data collected by the app is stored securely in our servers and is only accessible to authorized personnel. We will retain data for the duration of the subscription to our service and for a period of 30 days following termination of the subscription. After this period, all of your associated data will be permanently deleted from our servers.

What security measures have been implemented?

We've implemented many security best practices:

  • We’ve gone through the 7-layer OSI model and applied several best practices there e.g. using TLS to encrypt all traffic, having 2FA on our AWS with strong passwords, only consuming tokens with POST requests 

  • Client ID and secret, and bot tokens are handled very delicately. We don’t expose them in public or client-side code, or distribute them in email or native applications.

  • We don’t request any user tokens.

  • We only request necessary scopes and the “least privilege” token that’s possible for the app to function. For instance, we only request read access for channels the bot has been explicitly added to, and this is essential as it’s the basis of how the AI bot is trained.

How can I request access, transfer, or deletion of my data?

You can request access, transfer or deletion of your associated data with eesel by emailing us at hi@eesel.app. We will delete all of your associated data within 30 days of receiving a request.

What subprocessors do you use?

Here is a full list of sub processors:​​ eesel Subprocessor list. OpenAI is the key service we use to power the plugin.