ChatGPT Agents
The ChatGPT Agents app by OpenAI enables you to engage with your ChatGPT workspace agents in Slack.ChatGPT workspace agents are reusable, shareable specialists you chat with and help you automate your work. Build them at ChatGPT.com, and use this app to make them available where you work, in Slack. You can tag your named agent via its name (for example, @sales-helper) to ask for help, or configure it to automatically perform work for you in response to a new message.Responses from ChatGPT may be inaccurate.
ChatGPT Agents will be able to view:
ChatGPT Agents will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
OpenAI
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
Customer workspace admins control how long their data is retained. The minimum retention period for Workspaces is 90 days. Any deleted conversations are removed from our systems within 30 days, unless we are legally required to retain them.
Additional Information can be found on our Enterprise Privacy page.
Data archiving and removal policy
Users can delete their data at any time, after which it is removed from their account immediately and permanently deleted from OpenAI systems within 30 days, except where legal, security, or compliance obligations require longer retention.
Data storage policy
OpenAI utilizes custom-built internal services to monitor customer data flows and help ensure that enterprise data does not enter into our logging or data warehousing pipelines. The OpenAI privacy team is responsible for detection and remediation of flagged enterprise data events.
To logically separate customer data, OpenAI enforces organizational sharding. By default, enterprise customer data is never combined across customers because organization ID logically separates data in our Azure storage solution.
In addition to enterprise data flywheel controls, organizational security controls are enforced through technical guardrails, internal policy, and annual training to set requirements for enterprise data protection.
App/service has sub-processors
yes
Guidelines for sub-processors
App/service uses large language models (LLM)
yes
LLM model(s) used
OpenAI
LLM retention settings
By default, customer data is not used to train our models. Data processing pipelines logically separate training data from enterprise data and are designed to ensure that customer data cannot leak into training datasets.
LLM data tenancy policy
To logically separate customer data, OpenAI enforces organizational sharding. By default, enterprise customer data is never combined across customers because an organization identifier logically separates data in our Azure storage solution.
LLM data residency policy
Inference residency for ChatGPT allows eligible customers to ensure that model inference happens exclusively in-region for supported locations.
https://help.openai.com/en/articles/9903489-data-residency-and-inference-residency-for-chatgpt
Certifications & compliance
Data deletion request procedure
Users may request deletion of their data through the Privacy Portal or in-product settings. Once a deletion request is completed, the data is removed from active systems and typically scheduled for permanent deletion within about 30 days, unless retention is required for legal or security purposes.
https://help.openai.com/en/articles/6378407-how-to-delete-your-account
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Supports Single Sign On (SSO) with the following providers
All SAML
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
security@openai.com
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
yes
Bug bounty program URL
Requires third party authorization/connections
yes
Uses token rotation
no