Security at Plotly

In short, no. If you use Plotly Studio through Plotly Cloud, we do not currently allow Anthropic to train their models. If you use Studio through Dash Enterprise (DE), then the option to train your model (or allow the model provider to train) on your data is up to you. To restrict training, please ask for an enterprise agreement with your LLM provider that has a default no-training configuration set, or set the right configurations before connecting your DE account to the model.

The model providers are responsible for regularly training their models. If you use a different model through Dash Enterprise, the organization that provides that model is responsible for training it.

Dash Enterprise customers can use any model and LLM provider to power their Plotly Studio requests. If you are a Plotly Cloud customer, the only model available at this time is currently Anthropic’s Claude Sonnet 4.0, which is accessed via a proxy through Google’s Vertex AI.

Unfortunately not, though we can hope that LLMs will get closer with time. We are currently refining our process for determining our accuracy rates, and will make this available as soon as they are ready.

This is tough, because we don’t train or maintain the model(s) we use. We do recognize that bias is implicit in AI technologies, and we keep this in mind as we develop Plotly Studio on top of LLMs. We are currently developing a more robust approach to identifying, assessing, and mitigating bias, which will be shared in the coming months.

No; since we don’t provide custom models at this time, we can’t maintain, train, or otherwise improve the model(s) used in our AI capabilities. This may change in the future, but be assured that sufficient advance notice and options will be provided if we consider doing so.

To us, an incident is an incident, regardless of the system that it occurs in. We treat them all with the same degree of urgency and care, with the top priority being the protection of your data. From a high level, we shut down the offending process/endpoint and stop the bleeding, after which we let you know without undue delay and start patching the issue. By the time everything has been fixed, the bare minimum that we will communicate to you will be (with rare exceptions based on legal requirements) what happened, how it happened, what was impacted, what we did to fix it.

Similar to the response in the first question, this is largely dependent on how you send data to the model. Cloud users won’t need to erase their data from the models or AI providers because they don’t store data beyond necessary short-term retention and caching. DE users may need to send a request directly to the model providers if they have allowed them to store or train on their data.

At Plotly, we prioritize the safeguarding of your data through multi-layered security measures, including SOC 2 compliance, regular vulnerability assessments, and proactive security updates, ensuring a resilient and trustworthy environment for our users

Plotly has no access whatsoever to the data you use within your Dash app. We collect limited telemetry data to improve your experience of using Dash Enterprise and help resolve issues you may face. We also store information related to business relationships, such as customer contact info and support requests.

We will retain information only for as long as required. The duration of retention is contingent upon legal obligations, such as tax recording, existing contracts, your consent, and/or our legitimate business interests.

Plotly uses collected information to analyze user trends, enhance services, and develop new features, and may share data with subsidiaries and affiliates as needed for service enforcement and improvement.

Plotly uses Amazon Web Services (AWS) for our servers and data hosting, which is accredited under: ISO 27001 SOC 1 and SOC 2/SSAE, 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate, and Sarbanes-Oxley (SOX). Our organization is also SOC 2 Type I and II compliant.

For further information, please visit our Trust Center. For questions or feedback, please reach out to us via email at security@plotly.com.