Enji
Start free demo

AI Data Use

Questions: [email protected].

Short Version

Enji Guard does not train or operate its own foundation models.

Enji Guard uses approved third-party AI model providers so the Enji Fleet agents orchestrator can run selected audits, reports, autofixes, scheduled improvement jobs, and other agent tasks.

Customer code and task data should be sent only to approved providers and routes with documented public data-use and retention terms. Do not describe all provider routes as zero-retention: some approved routes may retain limited abuse-monitoring logs or other technical state according to the provider’s published terms.

What Data May Be Sent To AI Providers

Depending on the selected action, task context may include:

  • task title, task description, and runbook instructions;
  • repository names, file paths, code snippets, diffs, logs, and test output;
  • website URLs, HTTP responses, screenshots, or reproduction steps from authorized checks;
  • prior audit findings and generated reports;
  • requested output language;
  • GitHub issue or pull-request context;
  • verification output needed to complete the task.

Enji Guard and the Enji Fleet agents orchestrator should send only the context needed for the selected task.

What Enji Does Not Do

Enji Guard does not:

  • train Enji-owned foundation models on Customer Content;
  • sell Customer Content;
  • use Customer Content to build a competing customer-code model;
  • intentionally send customer code to consumer AI products or routes that use customer code for model training.

Third-Party Provider Commitments

The intended hosted-product policy is:

  • use the approved third-party providers listed below;
  • rely on each provider’s public data-use and retention terms for the selected production route;
  • document routes that retain limited abuse-monitoring logs, application state, hosted share content, or other technical data;
  • avoid saying “no retention”, “zero retention”, or “privacy mode” globally unless that specific provider route is covered by a separate written commitment or product configuration.

Approved AI And Coding Tool Providers

This page lists providers and product routes, not individual model names.

ProviderProduct/route used by Enji GuardData sentPublic no-training statusPublic retention statusNotes
OpenAIOpenAI API or OpenAI business/developer servicesTask context and selected customer contentOpenAI states API/business data is not used for training by default unless the customer opts inOpenAI API abuse-monitoring logs may retain customer content for up to 30 days by default; Zero Data Retention or Modified Abuse Monitoring requires approvalHosted Enji Guard should rely on OpenAI’s public route-specific terms unless a separate written commitment applies.
Anthropic, PBCAnthropic API and related commercial API routesTask context and selected customer contentAnthropic states retained data is not used for model training without express permissionAnthropic offers Zero Data Retention for eligible Claude API routes; other features may retain only the technical data required for the featureHosted Enji Guard should rely on Anthropic’s public route-specific terms unless a separate written commitment applies.
MOONSHOT AI PTE. LTD.Kimi OpenPlatform APITask context and selected customer contentPublic Kimi OpenPlatform terms should not be treated as a blanket no-training commitmentPublic Kimi OpenPlatform policy says input/account data may be retained while the account is active and as needed for service, security, legal, and business purposesUse the Singapore-operated Kimi OpenPlatform route. Do not claim no-training or zero-retention for Moonshot unless separate written terms apply.
ANOMALY INNOVATIONS, INC.OpenCode / OpenCode Enterprise / OpenCode Zen, depending on production configurationCoding-agent context and selected outputsOpenCode says its open-source/enterprise workflow does not store code or context dataOpenCode open-source/enterprise processing is local or through the selected AI provider; OpenCode Zen publishes provider-specific retention exceptionsDisable hosted share links unless Enji.ai intentionally wants hosted OpenCode share pages.
Anysphere, Inc.Cursor platform, CLI, agents, or related Cursor services if used in production workflowsCoding-agent context and selected outputsCursor says Privacy Mode prevents code training by Cursor or third partiesCursor says Privacy Mode enables zero data retention for model providers, while some feature data, embeddings, metadata, and temporary encrypted cache may be storedDo not claim Cursor zero-retention for hosted Enji Guard unless the specific route and configuration support it.

Customer-Controlled Deployment Option

Customers with strict provider, residency, or retention requirements can contact Enji.ai about a separately priced and contracted on-premises or customer-controlled deployment.

In that deployment model, the customer is responsible for choosing, approving, configuring, and monitoring the AI model providers or coding tools connected to their environment. The customer’s selected providers and routes may differ from the hosted Enji Guard provider list.

Generated Output

AI and agent output can be wrong, incomplete, unsafe, or outdated.

You are responsible for reviewing, testing, and approving reports, recommendations, GitHub issues, pull requests, code changes, and any other output before relying on it.

Customer Controls

Depending on your product configuration, you can reduce AI processing by:

  • not connecting a repository;
  • not running audits or improvement jobs;
  • disabling schedules;
  • revoking GitHub App access;
  • deleting reports or projects where supported;
  • contacting [email protected] for privacy or deletion requests.