LogoLogo
Sign inVisit bito.aiVideo Library
  • 👋Welcome to Bito Academy
  • 🆕Getting Started
    • Quick Overview
    • Installing on Visual Studio Code
    • Installing on JetBrain IDEs
    • Installing Chrome Extension
    • Vim/Neovim Plugin
    • Creating a Bito Account
    • Upgrading Bito Plugin
    • Bito AI Examples
  • 🛡️Privacy & Security
  • 🤖Bito Dev Agents
    • AI Code Review Agent
      • Key Features
      • Supported Programming Languages and Tools
      • Getting Started
        • Install/run Using Bito Cloud
          • Guide for GitHub
          • Guide for GitHub (Self-Managed)
          • Guide for GitLab
          • Guide for GitLab (Self-Managed)
          • Guide for Bitbucket
          • Integrate the AI Code Review Agent into the CI/CD pipeline
          • Create or customize an Agent instance
          • Clone an Agent instance
          • Delete unused Agent instances
        • Install/run as a self-hosted service
          • Prerequisites
          • CLI vs webhooks service
          • Install/run via CLI
          • Install/run via webhooks service
          • Install/run via GitHub Actions
          • Agent Configuration: bito-cra.properties File
      • Available Commands
      • Chat with AI Code Review Agent
      • Implementing custom code review rules
      • Excluding Files, Folders, or Branches with Filters
      • Code Review Analytics
      • FAQs
    • Wingman Coding Agent
      • Key features
      • Supported tools
      • Getting started
  • 🎯Feature Guides
    • AI Chat in Bito
      • Keyboard Shortcuts
      • Chat Session History
      • Share Chat Session
      • Appearance Settings
      • Open Bito in a new tab or window
    • AI that Understands Your Code
      • Overview
      • How it Works?
      • Available Keywords
      • Example Questions
      • How does Bito Understand My Code?
      • Using in Visual Studio Code
      • Using in JetBrains IDEs
      • Managing Index Size
      • FAQs
    • AI Code Completions
      • Overview
      • How it Works?
      • Enable/Disable Settings
      • Accept/Reject Suggestions
      • Keyboard Shortcuts
      • Supported Programming Languages
      • Use Cases and Examples
    • Basic/Advanced AI Models
    • Bito CLI
      • Overview
      • Install or Uninstall
      • Configuration
      • How to Use?
      • Available Commands
      • FAQs
  • 🔖Templates
    • Standard Templates
    • Custom Prompt Templates
    • Diff View
  • 🧠Bito's AI Stack
    • Embeddings
    • Vector Databases
    • Indexing
    • Generative AI
    • Large Language Models (LLM)
    • LLM Tokens
    • LLM Parameters
    • Retrieval Augmented Generation (RAG)
    • Prompts
    • Prompt Engineering
  • 👥Account & Settings
    • Workspace
    • Managing Workspace Members
    • Setting AI Output Language
    • Managing User Access Levels
    • Access Key
  • 💳Billing and Plans
    • Overview
    • Payment Methods
    • Managing Workspace Plan
    • Pay for Additional Workspace Members
    • Advanced AI Requests Usage
    • Billing History
    • Billing Details
    • Security
    • Refund Policy
    • Discounts
  • ⚒️Support & Questions
    • Getting Support
    • Troubleshooting
    • Is it GPT-4?
  • 🆕What's New
  • External Links
    • Git
    • Github Issues
    • Github Discussions
    • Bito.ai
    • VS Code Marketplace
    • JetBrain Marketplace
Powered by GitBook
LogoLogo

Bito Inc. (c) 2025

On this page
  • Bito AI
  • SOC 2 Type II Compliance
  • Code Flow through Bito’s System
  • Data and Business Privacy Policy
  • Data Retention Policy
  • Sub-processor
  • Personal Data

Was this helpful?

Export as PDF

Privacy & Security

Bito doesn't read or store your code. Nor do we use your code for AI model training.

PreviousBito AI ExamplesNextAI Code Review Agent

Last updated 3 months ago

Was this helpful?

This document explains some of Bito's privacy and security practices. Our outlines our various accreditations (SOC 2 Type II) and our various security policies. You can read our full Privacy Policy at .

Bito AI

Security is top of mind at Bito, especially when it comes to your code. A fundamental approach we have taken is to allow you to decide where you want to store your code, either locally on your machine, in your cloud, or on Bito’s cloud (coming soon). We do not store any code, code snippets, indexes or embedding vectors on Bito’s servers unless you expressly allow that. Importantly, our AI partners do not store any of this information.

All requests are transmitted over HTTPS and are fully encrypted.

None of your code or AI requests are used for AI model training. None of your code or AI requests are stored by our AI partners. Our AI model partners are OpenAI, Anthropic, and Google. Here are their policies where they state that they do not store or train on data related to API access (we access all AI models via APIs):

  1. OpenAI:

  2. Anthropic:

  3. Google Cloud: (5th paragraph)

The AI requests including code snippets you send to Bito are sent to Bito servers for processing so that we can respond with an answer.

Interactions with Bito AI are auto-moderated and managed for toxicity and harmful inputs and outputs.

Any response generated by the Bito IDE AI Assistant is stored locally on your machine to show the history in Bito UI. You can clear the history anytime you want from the Bito UI.

SOC 2 Type II Compliance

Bito is SOC 2 Type II compliant. This certification reinforces our commitment to safeguarding user data by adhering to strict security, availability, and confidentiality standards. SOC 2 Type II compliance is an independent, rigorous audit that evaluates how well an organization implements and follows these security practices over time.

Our SOC 2 Type II compliance means:

  • Enhanced Data Security: We consistently implement robust controls to protect your data from unauthorized access and ensure it remains secure.

  • Operational Excellence: Our processes are designed to maintain high availability and reliability, ensuring uninterrupted service.

  • Regular Monitoring and Testing: We conduct continuous monitoring and regular internal reviews to uphold the highest security standards.

This certification is an assurance that Bito operates with a high level of trust and transparency, providing you with a secure environment for your code and data.

Code Flow through Bito’s System

AI Code Review Agent

When you use the self-hosted/docker version that you have setup in your VPC, in the docker image Bito checks out the diff and clones the repo for static analysis and also to determine relevant code context for code review. This context and the diff is passed to Bito's system. The request is then sent to a third-party LLM (e.g., OpenAI, Google Cloud, etc.). The LLM processes the prompt and return the response to Bito. No code is retained by the LLM. Bito then receives the response, processes it (such as formatting), and returns it to your self-hosted docker instance. This then posts it to your Git provider. However, the original query is not retained, nor are the results. After each code review is completed, the diff and the checked out repo are deleted.

If you use the Bito cloud to run the AI Code Review Agent, it runs similarly to the self-hosted version. Bito ephemerally checks out the diff and clones the repo for static analysis and to determine the relevant code context for code review. This context and the diff is passed to Bito's system. The request is then sent by Bito to a third-party LLM (e.g., OpenAI, Google Cloud, etc.). The LLM processes the prompt and return the response to Bito. No code is retained by the LLM. Bito then receives the response, processes it (such as formatting), and posts it to your Git provider. However, the original query is not retained, nor are the results. After each code review is completed, the diff and the checked out repo are deleted.

AI Chat and Code Completions

When we receive an AI request from a user, it is processed by Bito's system (such as adding relevant context and determining the Large Language Model (LLM) to use). However, the original query is not retained. The request is then sent to a third-party LLM (e.g., OpenAI, Google Cloud, etc.). The LLM processes the prompt and return the response to Bito. Bito then receives the response, processes it (such as formatting), and returns it to the user’s machine.

For enterprises, we have the ability to connect to your own private LLM accounts, including but not limited to OpenAI, Google Cloud, Anthropic, or third-party services such as AWS Bedrock, Azure OpenAI. This way all data goes through your own accounts or Virtual Private Cloud (VPC), ensuring enhanced control and security.

Data and Business Privacy Policy

Data Retention Policy

Our data retention policy is carefully designed to comply with legal standards and to respect our customers' privacy concerns. The policy is categorized into four levels of data:

  1. Relationship and Usage Meta Data: This includes all data related to the customer's interaction with Bito, such as address, billing amounts, user account data (name and email), and usage metrics (number of queries made, time of day, length of query, etc.). This category of data is retained indefinitely for ongoing service improvement and customer support.

  2. Bito Business Data: Includes customer-created templates and settings. This data is terminated 90 days after the end of the business relationship with Bito.

  3. Confidential Customer Business Data: This includes code, code artifacts, and other organization-owned data such as Jira, Confluence, etc. This data is either stored on-prem/locally on the customer’s machines, or, if in the cloud, is terminated at the end of the business relationship with Bito.

  4. AI Requests: Data in an AI request to Bito’s AI system. AI requests are neither retained nor viewed by Bito. We ensure the confidentiality of your AI queries; Bito and our LLM partners do not store your code, and none of your data is used for model training. All requests are transmitted via HTTPS and are fully encrypted.

Sub-processor

Bito uses the following third-party services: Amazon AWS, Anthropic, Clearbit, Github, Google Analytics, Google Cloud, HelpScout, Hubspot, Microsoft Azure, Mixpanel, OpenAI, SendGrid, SiteGround, and Slack for infrastructure, support, and functional capabilities.

Personal Data

Bito follows industry standard practices for protecting your e-mail and other personal details. Our password-less login process - which requires one-time passcode sent to your e-mail for every login - ensures the complete security of your account.

For any further questions regarding our SOC 2 Type II compliance or to request a copy of the audit report, please reach out to

In line with Bito's commitment to transparency and adherence to data privacy standards, our comprehensive data and business privacy policy is integrated into our practices. Our complete Terms of Use, including the Privacy Policy, are available at , with our principal licensing information detailed at .

If you have any questions about our security and privacy, please email

🛡️
Trust Center
https://bito.ai/privacy-policy/
https://openai.com/enterprise-privacy/
https://www.anthropic.com/uk-government-internal-ai-safety-policy-response/data-input-controls-and-audit
https://cloud.google.com/blog/products/ai-machine-learning/google-cloud-unveils-ai-and-ml-privacy-commitment
support@bito.ai
https://bito.ai/terms-of-use/
https://bito.ai/terms-of-service/
support@bito.ai