Building responsible AI is a part of Zendesk’s commitment to providing our customers with trusted products and solutions. Zendesk leverages a set of design principles with respect to our AI products, which include privacy, security and compliance by design.

No generative content trained on customer data

It is important to note that Zendesk’s proprietary machine learning models are not generative in nature, meaning, they do not produce passages of free text, images, or code, as is the case for many popular consumer-facing AI solutions. Because the outputs of these models are labels rather than content, they do not create the risk of customer data being reproduced or shared in an improper context.

Note: Zendesk offers features supported by third-party large language models (LLMs) that are generative in nature, but these features are not trained on Zendesk customer data. See below for more information.

Protection of customer data

As part of our commitment to protecting customer data, we take additional measures to sanitize your data before using it to train any of our models that could be used by other customers. These include:

  • All data fields specific to identifiers (e.g., fields for username and email address) are excluded from the training dataset.
  • A natural language processing algorithm is applied to identify and remove certain identifying information that is not relevant to the model in the remaining free text fields from the training dataset.*
  • Data is converted into machine-readable format. This is typically accomplished using a “tokenization” process which converts free text into numerical vector form, with the resulting vector not human readable without the use of an associated tokenizer.

*For AI agents - Advanced (Ultimate), if Service Data is required for model training, customers directly determine how to sanitize the training dataset. The sanitation methods for messages detect different categories of personal data in the messages and replace these values with an anonymous label corresponding to the detected categories using entities. For example, email addresses are replaced with <EMAIL> labels, bank account numbers are replaced with <IBAN> labels, and so forth. <EMAIL> and <IBAN> placeholders are examples of the default and pre-defined entities. Here is a list of commonly used entities.

No training datasets are stored within any Zendesk model, and customer data will at all times remain subject to our existing security and privacy commitments, including as outlined in our:

  • Trust Center
  • Regional Data Hosting Policy
  • Service Data Deletion Policy

No effect on current agreements

Your use of any Zendesk AI functionality will not impact your existing agreement(s) with Zendesk. If you entered into a Data Processing Addendum (DPA) with Zendesk, the terms of that DPA will continue to apply to your use of the Services. (Please note that EAPs are subject to separate terms.)

Generative AI

In addition to the Zendesk proprietary machine learning models, Zendesk also offers a number of generative AI features supported by third-party LLMs such as OpenAI. Zendesk uses pre-trained models, and no third-party will use your inputs to train their models or otherwise improve their services.

While Zendesk may process customer data through third-party LLMs - either as part of the Services or to improve Zendesk features and functionality, Zendesk implements safety measures to protect the security of customer data. For example, for all customer data processed through OpenAI, Zendesk uses 'zero data retention' endpoints, which means that data is only temporarily processed by OpenAI in memory, and never saved to disk or persisted in any logging mechanism. For eligible Zendesk customers requiring European data locality, Zendesk leverages OpenAI's EEA and Swiss API endpoints which ensures that data is processed by OpenAI in the EEA and Switzerland only.

 

Powered by Zendesk
OSZAR »