GreyScape.ai

The data GreyScape.ai touches

A complete list of what we read, what we store, what we never see, and how long it lives. Built for the InfoSec questionnaire conversation.

What we READ from your providers

  • OpenAI: organization-level usage + cost endpoints (token counts per bucket × project × model × key).
  • Anthropic: usage_report/messages + cost_report endpoints (same shape).
  • Manus: BYOK degrade-mode — only the API key is stored, no usage pulled until Manus publishes a usage endpoint.
  • GitHub Copilot: per-user usage from the org admin API (Copilot for Business / Enterprise only).

What we STORE in our DB

  • spend_events: provider, model, api_key_label, project, team, tokens_in/out, cost_cents, timestamp. No prompt or completion text.
  • shadow_ai_tools: name + category + evidence string + user_count + status. Evidence is whatever the source supplied (e.g. CSV merchant name).
  • auth_users: workos_user_id, email, name, last_signin_at — for tenant membership and audit attribution only.
  • Encrypted provider API keys: AES-GCM with a per-deploy KMS-managed master key. Encrypted-at-rest in Postgres + encrypted-in-transit on retrieval.

What we NEVER see

  • Prompt text. Completion text. Tool-call arguments. Any content from the AI request body.
  • Customer PII inside completions — we don't sit in the request path; everything flows direct between your application and the provider.
  • Credit card numbers, government IDs, anything else outside the provider admin APIs above.

Retention

  • spend_events: 13 months (12 months current + 1 month rollover for year-over-year comparison).
  • audit_log: 24 months (compliance requirement for SOC 2 + EU AI Act).
  • report_translations (LLM debug telemetry): 90 days.
  • Provider API keys: until you remove them. Deletion is immediate and cryptographic (key + nonce are dropped).

Read the full data-handling document (for security reviews and DPIAs) · Data Processing Agreement