{
  "domain": "openai.com",
  "company_name": "OpenAI",
  "slug": "openai",
  "crawl_snapshot_date": "2026-05-20",
  "source_url": "https://openai.com/security-and-privacy/",
  "rules_version": "trust-scanner-rules.v1",
  "pages": [
    {
      "url": "https://openai.com/security-and-privacy/",
      "title": "Security & privacy at OpenAI",
      "text": "OpenAI protects customer and user data, models, and products. Business data is not used for training by default. Security controls include encryption at rest and in transit, retention controls, data residency options, a security portal, and a bug bounty path.",
      "links": [
        "https://openai.com/enterprise-privacy/",
        "https://openai.com/policies/privacy-policy/",
        "https://openai.com/index/business-data/",
        "https://cdn.openai.com/pdf/openai-data-processing-addendum.pdf"
      ],
      "metadata": {
        "description": "OpenAI security and privacy overview"
      },
      "role_hint": "security_practices"
    },
    {
      "url": "https://openai.com/enterprise-privacy/",
      "title": "Enterprise privacy at OpenAI",
      "text": "Organizations own and control business data. OpenAI does not train models on business data by default. Enterprise customers can set retention controls, access controls, SSO, and compliance guardrails.",
      "links": [
        "https://openai.com/security-and-privacy/",
        "https://openai.com/index/business-data/"
      ],
      "metadata": {
        "description": "Enterprise privacy commitments"
      },
      "role_hint": "ai_policy"
    },
    {
      "url": "https://openai.com/policies/privacy-policy/",
      "title": "US privacy policy",
      "text": "OpenAI's privacy policy describes personal data processing, retention, rights, and contact routes. It also distinguishes consumer services from business offerings such as the API platform.",
      "links": [
        "https://openai.com/enterprise-privacy/",
        "https://openai.com/index/business-data/"
      ],
      "metadata": {
        "description": "Consumer privacy policy"
      },
      "role_hint": "privacy_policy"
    },
    {
      "url": "https://openai.com/index/business-data/",
      "title": "Business data privacy, security, and compliance",
      "text": "Business data remains confidential and owned by the customer. OpenAI does not train on organization data by default, supports retention controls, and publishes security and compliance commitments for enterprise and API customers.",
      "links": [
        "https://openai.com/security-and-privacy/",
        "https://openai.com/enterprise-privacy/"
      ],
      "metadata": {
        "description": "Business data privacy and compliance"
      },
      "role_hint": "ai_policy"
    }
  ]
}