SaaSDossier

Free · Public Edition · Dossier No. 003

Read the free OpenAI dossier

A finished PDF record of what a software vendor publishes about its security, privacy, and compliance — the vendor's own record, made reviewable. Every field is either Documented, with the vendor's words quoted and cited, or a Question surfaced for you to raise. One structured, source-linked document, not a folder of raw links.

47 Documented8 Questions surfacedof 55

01 · The two-state model

Documented

The field was found in the vendor's published sources, quoted and cited in the vendor's own words.

Question surfaced

Not identified in the vendor-published sources reviewed. This does not establish absence of the control.

02 · From a real evidence ledger

02.01 · Standards & attestations
Documented

SOC 2 Type II report

OpenAI has undergone an independent SOC 2 Type 2 examination of controls relevant to Security, Availability, and Confidentiality.
trust.openai.com
01.03 · Data protection
Documented

Encryption in transit & at rest

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
trust.openai.com
09.01 · AI governance
Documented

AI usage disclosure

OpenAI discloses that it trains models on data from public sources, licensed third-party data, and data that trainers and users provide.
trust.openai.com

03 · Integrity record

Ledger
All 55 fields, each in one of two states, the vendor's own words quoted and cited where Documented.
Sources
Built from vendor-published sources reviewed at the time of preparation.
Seal
A SHA-256 seal so the released document can be confirmed unchanged.

04 · Download

Disclaimer. SaaSDossier is independent documentation research. It is not an audit, certification, rating, legal opinion, vendor approval, or substitute for professional vendor-risk, legal, procurement, GRC, vCISO, or security review.