Building responsible AI is a part of Zendesk’s commitment to providing our customers with trusted products and solutions. Zendesk leverages a set of design principles with respect to our AI products, which include privacy, security and compliance by design.

No generative content trained on customer data

It is important to note that Zendesk’s proprietary machine learning models are not generative in nature, meaning, they do not produce passages of free text, images, or code, as is the case for many popular consumer-facing AI solutions. Because the outputs of these models are labels rather than content, they do not create the risk of customer data being reproduced or shared in an improper context.

Note: Zendesk offers features supported by third-party large language models (LLMs) that are generative in nature, but these features are not trained on Zendesk customer data. See below for more information.

Protection of customer data

As part of our commitment to protecting customer data, we take additional measures to sanitize your data before using it to train any of our models that could be used by other customers. These include:

  • All data fields specific to identifiers (e.g., fields for username and email address) are excluded from the training dataset.
  • A natural language processing algorithm is applied to identify and remove certain identifying information that is not relevant to the model in the remaining free text fields from the training dataset.*
  • Data is converted into machine-readable format. This is typically accomplished using a “tokenization” process which converts free text into numerical vector form, with the resulting vector not human readable without the use of an associated tokenizer.

*For Ultimate, customers directly determine how to sanitize the training dataset. The sanitation methods for messages detect different categories of personal data in the messages and replace these values with an anonymous label corresponding to the detected categories using content entities. For example, email addresses in the messages are replaced with <EMAIL> labels, bank account numbers are replaced with <IBAN> labels, and so forth. <EMAIL> and <IBAN> placeholders are examples of our default and pre-defined content entities. Here is a list of commonly used content entities.

No training datasets are stored within any Zendesk model, and customer data will at all times remain subject to our existing security and privacy commitments, including as outlined in our:

  • Trust Center
  • Regional Data Hosting Policy
  • Service Data Deletion Policy

No effect on current agreements

Your use of any non-EAP Zendesk AI functionality will not impact your existing agreement(s) with Zendesk. If you entered into a Data Processing Addendum (DPA) with Zendesk, the terms of that DPA will continue to apply to your use of the Services.

Generative AI features

In addition to the Zendesk proprietary machine learning models, Zendesk also offers a number of generative AI features supported by third-party LLMs. While these features are generative in nature, your data will not be used to train these models or otherwise used to improve third-party services. For more information about the processing of your data by any third-party LLMs, please see the Sub-Processor Policy and About generative AI features in Zendesk article.

Powered by Zendesk