diff --git a/docs/my-website/docs/data_security.md b/docs/my-website/docs/data_security.md index 5fcf1a2a3..2e5531417 100644 --- a/docs/my-website/docs/data_security.md +++ b/docs/my-website/docs/data_security.md @@ -14,7 +14,7 @@ For security inquiries, please contact us at support@berri.ai -## Self-hosted Instances LiteLLM +### Self-hosted Instances LiteLLM - ** No data or telemetry is stored on LiteLLM Servers when you self host ** - For installation and configuration, see: [Self-hosting guided](../docs/proxy/deploy.md) @@ -22,7 +22,7 @@ For security inquiries, please contact us at support@berri.ai For security inquiries, please contact us at support@berri.ai -### Supported data regions for LiteLLM Cloud +## Supported data regions for LiteLLM Cloud LiteLLM supports the following data regions: @@ -31,7 +31,47 @@ LiteLLM supports the following data regions: All data, user accounts, and infrastructure are completely separated between these two regions -### Security Vulnerability Reporting Guidelines +## Collection of personal data + +### For Self-hosted LiteLLM Users: +- No personal data is collected or transmitted to LiteLLM servers when you self-host our software. +- Any data generated or processed remains entirely within your own infrastructure. + +### For LiteLLM Cloud Users: +- LiteLLM Cloud tracks LLM usage data - We do not access or store the message / response content of your API requests or responses. You can see the [fields tracked here](https://github.com/BerriAI/litellm/blob/main/schema.prisma#L174) + +**How to use and share the personal data** +- Only proxy admins can view their usage data, and they can only see the usage data of their organization. +- Proxy admins have the ability to invite other users / admins to their server to view their own usage data +- LiteLLM Cloud does not sell or share any usage data with any third parties. + +## Cookies information, security and privacy + +### For Self-hosted LiteLLM Users: +- Cookie data remains within your own infrastructure. +- LiteLLM uses minimal cookies, solely for the purpose of allowing Proxy users to access the LiteLLM Admin UI. +- These cookies are stored in your web browser after you log in. +- We do not use cookies for advertising, tracking, or any purpose beyond maintaining your login session. +- The only cookies used are essential for maintaining user authentication and session management for the app UI. +- Session cookies expire when you close your browser, logout or after 24 hours. +- LiteLLM does not use any third-party cookies. +- The Admin UI accesses the cookie to authenticate your login session. +- The cookie is stored as JWT and is not accessible to any other part of the system. +- We (LiteLLM) do not access or share this cookie data for any other purpose. + + +### For LiteLLM Cloud Users: +- LiteLLM uses minimal cookies, solely for the purpose of allowing Proxy users to access the LiteLLM Admin UI. +- These cookies are stored in your web browser after you log in. +- We do not use cookies for advertising, tracking, or any purpose beyond maintaining your login session. +- The only cookies used are essential for maintaining user authentication and session management for the app UI. +- Session cookies expire when you close your browser, logout or after 24 hours. +- LiteLLM does not use any third-party cookies. +- The Admin UI accesses the cookie to authenticate your login session. +- The cookie is stored as JWT and is not accessible to any other part of the system. +- We (LiteLLM) do not access or share this cookie data for any other purpose. + +## Security Vulnerability Reporting Guidelines We value the security community's role in protecting our systems and users. To report a security vulnerability: @@ -41,7 +81,7 @@ We value the security community's role in protecting our systems and users. To r We'll review all reports promptly. Note that we don't currently offer a bug bounty program. -### Legal/Compliance FAQs +## Legal/Compliance FAQs Legal Entity Name: Berrie AI Incorporated