Trunk Tools announces $40M Series B

FAQ: Data Security and Privacy

Your Data in Trunk Tools

  • We only use your data to train our models if you give us explicit written permission to do so. The data from customers who give us this permission is deidentified and used exclusively for training our AI “brain” to better understand your structured and unstructured data in the pre-processing phase. Nothing specific to any customer or project is accessible to any other customer or project.
  • Further, none of our training is automatic / autonomous. We have found that autonomous training does not capture the nuance of construction-specific workflows. All training of our models is done intentionally with oversight by construction industry subject matter experts to ensure we meet the needs of our customers.
  • Training on construction-specific data is what allows us to offer exceptional value to our customers. Without real data and documents from the field, Trunk Tools could not adequately understand industry-specific questions/queries and operate workflows such as a comparison of submittals against specs, or detecting changes from one set of drawings to another. If you attempted any of these workflows in foundational LLMs like ChatGPT, you would be sorely disappointed with the results and your data would not be private unless you were on a paid enterprise account.
  • A few examples of the types of training we do on data from the field include the model’s ability to recognize types of construction documents based on the type of content contained in their PDFs (i.e. specification vs. submittal, product data submittal vs operations & maintenance manual submittal, RFI vs. CO) and object detection (room boundaries and tags, doors, sinks, toilets, staircases).
  • We have also invested significantly in training the models to recognize the implicit relationship between different types of documents and information. We call this our “knowledge graph.” E.g. How do RFIs relate to submittals? How might a bulletin relate to a change order request? How does a rejected submittal impact the project schedule? This is an area we continue to work on in order to make these implicit relationships and their second and third-order effects explicit.
  • Absolutely. Every customer has the right to restrict their anonymized aggregate project data from being used to further train our AI models. We only leverage this anonymized data when given explicit written permission by our customers.
  • Anything you explicitly give your Trunk Tools project permission to use (via integration, manual upload, or information you directly type into TrunkText). We have intentionally designed each project as a sealed box that only you can open to share more information. During your integration setup, you specify which documents and modules are synced between your project management and/or document management system(s) and Trunk Tools so that our models and agents will be able to read and respond intelligently.

Data Security and Privacy

  • If you give us explicit permission in writing to train our models on your deidentified aggregate data, you have our guarantee that no specific information from your project is accessible to another company’s project. No proprietary or confidential information, data, processes, responses, or question/queries are transferred between any two projects. Each project is logically separated and closed from every other project in our platform.
  • For example, RFIs on one of your projects might help further train our models to recognize (a) that a document is an RFI rather than some other type of construction document and (b) what type of content is in an RFI, but we will never share (c) the actual contents of your RFIs outside of the context of your project.
  • Certifications and Compliance: Trunk Tools adheres to strict data privacy policies and complies with relevant legal and regulatory standards to ensure data protection. We maintain SOC 2 Type II compliance, which ensures robust security and data privacy practices. This certification covers various aspects of security, availability, processing integrity, confidentiality, and privacy. Additionally, Trunk Tools maintains compliance with relevant data protection laws such as CCPA and CPRA, and continuously monitors regulatory changes to address legal requirements.
  • Security Measures: Trunk Tools has also implemented comprehensive security measures to safeguard confidential project data. These include encryption of data at rest and in transit, access controls based on job roles, and regular vulnerability scanning. The AI system undergoes regular audits to ensure compliance with data protection policies.
  • Clean History: Our company and products have not experienced any data leaks or other security issues. We continuously implement robust security protocols to ensure the integrity and safety of our systems.
  • Our Data Policy: Trunk Tools has developed a comprehensive data policy that addresses the privacy and protection of sensitive information processed by AI. This includes a formal privacy program, policies for preserving privacy and protecting PII, and a data governance program. These measures ensure compliance with data protection laws and standards, safeguarding sensitive information effectively.
  • Human Governance: Trunk Tools has established an AI Governance Committee responsible for overseeing AI systems, ensuring compliance with legal and regulatory requirements, and maintaining AI system inventories. Regular audits and assessments are conducted to ensure transparency, fairness, and accountability.
Login