Find answers to questions about our AI models and policies that ensure the security of your data.
Our article, ClickUp AI FAQ answers questions about our AI trial, usage limits, and pricing. For info on how to use our AI features, take a look at our Intro to ClickUp Brain article.
Which AI model are you using and which version?
We currently use the latest models from our partner OpenAI.
Is my data used to train any AI models?
ClickUp's models do not learn from customer data. Our large language model (LLM) provider also doesn't train their models on customer data. We have a zero-day retention agreement with them.
Additionally, we use in-context learning (ICL) to ensure that our models are not learning from data.
What is in-context learning?
In-context learning (ICL) is a technique that allows large language models (LLMs) to generate appropriate responses when given context or examples within a prompt. This shows the model what to do without retraining or finetuning the model.
For example, when asked a question like What is our PTO policy? ClickUp AI understands that it should search for PTO-related content in your Workspace. ClickUp AI analyzes the content and provides the most appropriate response.
This allows ClickUp AI to assist you while never storing information from your Workspace.
Is my data sent to third-party providers outside of ClickUp?
Our AI features sometimes need to share certain data with our partners. When we do need to share data with our partners we ensure that only the necessary information is sent. Strict agreements with our partners insure that your data is not used for training or retained in any capacity. It is deleted from their systems as soon as possible.
For more detailed information, take a look at the following resources:
- Our Data Protection Addendum (DPA).
- More information on how ClickUp performs vendor management can be found in Section 4.3. Third Party Services on the Security Policy page.
- You can see our full list of third-party providers on our Subprocessors page.
- Details for OpenAI Security are available on OpenAI's website.
Does using Connected Search grant ClickUp AI access to the connected applications?
ClickUp AI and Connected Search maintain the strict policies outlined in our Privacy and security article.
Take a look at our Connected Search article to learn more about the specific privacy and security measures we've implemented.
Are the permissions set for connected applications respected when using Connected Search?
Connected Search respects existing permissions for connected applications. We enforce role-based controls to keep access current and consistent.
Take a look at our Connected Search article to learn more about the specific privacy and security measures we've implemented.
How does ClickUp encrypt data?
Take a look at our Privacy and security article to learn more about the specific application security measures we've implemented.
Is ClickUp GDPR compliant?
All ClickUp plans meet the requirements of the current global data protection legislation including:
- GDPR (General Data Protection Regulation)
- European Data Protection Legislation
- LGPD (Brazilian General Data Protection Law)
- CCPA (California Consumer Privacy Act of 2018) as amended by the CPRA (California Privacy Rights Act of 2020)
- VCDPA (Virginia Consumer Data Protection Act)
Take a look at our Data Protection Addendum (DPA) to learn more.
Where is ClickUp hosted?
ClickUp is hosted entirely on Amazon Web Services (AWS), providing end-to-end security and built-in privacy features.
Take a look at our Data Protection Addendum (DPA) to learn more.
If a customer's data is hosted in the EU, will the data processed through ClickUp AI on their account also be processed in the EU?
Who owns the data inputted into ClickUp AI?
Any data provided by a ClickUp customer that is sent to ClickUp's AI providers is covered by ClickUp's contract with that AI provider. ClickUp's contracts with AI providers prohibit ClickUp customer data from being used to train any AI model.
OpenAI is the only subprocessor that ClickUp AI data is sent to and they have zero-day data retention.
Any other questions specifically about data and ClickUp AI can be answered by our policy ClickUp AI Additional Terms.
How do you ensure ClickUp AI is secure and consistent?
ClickUp AI undergoes regular internal and external penetration testing to ensure security. We have an automated eval testing framework to ensure the behavior of ClickUp AI remains consistent.
Does ClickUp AI respect the user's role and permissions when responding?
ClickUp AI has access to the same information as the person using it. AI can't reveal anything that person can't otherwise access.
Is ClickUp AI HIPAA compliant?
ClickUp can support HIPAA compliance for Enterprise customers by agreeing to a BAA (Business Associate Agreement). Take a look at the Healthcare use section of ClickUp AI Additional Terms for our PHI (Protected Health Information) policies.
Is there human monitoring of ClickUp AI for performance and quality of output results?
We monitor daily for performance and reduced likes and dislikes. The only way for our engineers to access traces is when a user clicks the thumbs-down icon on a ClickUp AI response.
Does ClickUp AI provide transparent output through each stage of user interaction?
ClickUp AI's primary purpose is to answer questions within your organization. ClickUp AI provides sources for its answers to questions. This allows users to validate which sources AI used to answer the questions.
How is bias detected and mitigated in ClickUp AI?
Bias is mitigated by the underlying provider. Details are available on the OpenAI website.