No. 003 · Public Edition · Free
OpenAI — public security evidence ledger
OpenAI's vendor-published security evidence, made reviewable. This public ledger shows all 55 SaaSDossier fields from the free OpenAI Public Edition: what was documented, what questions were surfaced, and where the reviewed source record sits.
47 Documented · 8 Questions surfaced · 55 fields reviewed · Evidence date 22 June 2026
Documented
Identity & legal entity
OpenAI. Vendor name explicitly stated throughout all reviewed pages, including trust.openai.com, openai.com/security-and-privacy/, and all policy documents.
Source · trust.openai.com
The OpenAI Services Agreement identifies two contracting entities: OpenAI OpCo, LLC (1455 Third Street, San Francisco, California 94158) for customers outside EEA/Switzerland, and OpenAI Ireland Ltd. (1st Floor, The Liffey Trust Centre, 117-126 Sheriff Street Upper, Dublin 1, D01 YC43, Ireland) for EEA/Switzerland customers. Parent entity is OpenAI Global, LLC per the sub-processor list.
OpenAI OpCo, LLC is headquartered at 1455 Third Street, San Francisco, California 94158, United States. The governing law for non-EEA customers is the State of California.
Source · trust.openai.com
Standards & attestations
OpenAI has undergone an independent SOC 2 Type 2 examination of controls relevant to Security, Availability, Confidentiality, and Privacy for its API and ChatGPT business product services. The 2025 SOC2 Report covers the period January 1, 2025 to June 30, 2025.
Source · trust.openai.com
OpenAI has received an ISO/IEC 27001:2022 Certificate documented on trust.openai.com. The certificate covers OpenAI's API, ChatGPT Enterprise, and ChatGPT Edu services. Also extends to ISO/IEC 27017:2015, ISO/IEC 27018:2019, and ISO/IEC 27701:2019. Announced August 25, 2025, on the Trust Portal update feed.
Source · trust.openai.com
OpenAI maintains PCI-DSS v4.0.1 compliance for the components of ChatGPT that support delegated payment processing. Trust portal lists PCI DSS v4.0.1 certification, and a Pentest Report and PCI DSS document are available.
Source · trust.openai.com
CSA STAR Level 1 certification is listed on trust.openai.com. OpenAI states 'ChatGPT business product services and the API Platform have been evaluated by the Cloud Security Alliance Security Trust Assurance and Risk (STAR) registry for key principles of transparency and cloud security best practices.
“ChatGPT business product services and the API Platform have been evaluated by the Cloud Security Alliance Security Trust Assurance and Risk (STAR) registry for key principles of transparency and cloud security best practices.”
Source · trust.openai.com
OpenAI lists FedRAMP 20x as a compliance item on trust.openai.com, with dedicated documentation sections including 'OpenAI FedRAMP 20x,' 'OpenAI FedRAMP 20x Significant Changes,' and 'OpenAI FedRAMP 20x Services and Features.' The status page also shows a 'FedRAMP' component. Note: FedRAMP 20x is a pilot program and differs from traditional FedRAMP Moderate/High authorization.
Source · status.openai.com
ISO/IEC 27017:2015 (cloud security controls), ISO/IEC 27018:2019 (protection of PII in public clouds), ISO/IEC 27701:2019 (privacy information management), ISO/IEC 42001:2023 (AI Management System covering consumer and business AI products), SOC 3 (public report available), TX-RAMP.
Source · trust.openai.com
Privacy & compliance
OpenAI states it supports customer compliance with GDPR and offers a Data Processing Addendum (DPA) with Standard Contractual Clauses (SCCs) for EEA/Swiss data transfers. DPA is published at openai.com/policies/data-processing-addendum/. OpenAI Ireland Limited is the data controller for EEA/Switzerland customers.
Source · openai.com/enterprise-privacy
CCPA compliance is listed on the trust.openai.com Trust Portal compliance section. The privacy policy includes California-specific disclosures. The DPA includes specific CCPA provisions in Section 5.
Source · openai.com/enterprise-privacy
OpenAI states it can sign Business Associate Agreements (BAA) in support of customers' compliance with HIPAA for the API Platform. ChatGPT for Healthcare is described as 'a secure workspace designed to support HIPAA compliance.
Source · trust.openai.com
Default API data retention is up to 30 days for abuse monitoring logs. ChatGPT Enterprise, Edu, Healthcare workspace admins control data retention duration; deleted conversations are removed within 30 days. API inputs/outputs are removed after 30 days by default. Zero Data Retention (ZDR) is available for eligible API endpoints.
Source · trust.openai.com
The privacy policy Section 6 states users have 'the right to delete your Personal Data from our records.' Users can delete conversations, memories, and accounts; deletions are processed within 30 days. The DPA Section 2.11 requires OpenAI to return or delete Customer Data upon agreement expiry/termination.
Source · openai.com/enterprise-privacy
The privacy policy Section 6 states users have 'the right to transfer your Personal Data to a third party (right to data portability).' Users can 'export your ChatGPT history and data in your account's data controls.
Source · openai.com/enterprise-privacy
The DPA Section 4 addresses international data transfers. EEA and Swiss Data transfers outside EEA/Switzerland are performed on the basis of Standard Contractual Clauses (SCCs) or EU Commission adequacy decisions. UK Data transfers use SCCs as amended by the UK Addendum.
OpenAI offers data residency for the Europe (EEA + Switzerland) region via the eu.api.openai.com endpoint, supporting both storage and processing in-region. Data residency for ChatGPT is also mentioned (linked from openai.com/security-and-privacy/). EU data residency for non-US regions requires approval for abuse monitoring controls and ZDR amendment.
Source · trust.openai.com
Encryption & key management
OpenAI references Enterprise Key Management (EKM) in the platform documentation at platform.openai.com/docs/guides/your-data under a dedicated 'Enterprise Key Management (EKM)' section heading (section visible in navigation).
Source · trust.openai.com
The platform documentation at platform.openai.com/docs/guides/your-data includes an 'Enterprise Key Management (EKM)' section, indicating customer key management capabilities exist. The section heading is visible in the page table of contents.
Source · trust.openai.com
Infrastructure & hosting
The sub-processor list identifies multiple cloud infrastructure providers: Microsoft Corporation (Azure), Amazon Web Services, Google Cloud Platform, Oracle Cloud Infrastructure, CoreWeave, and Cerebras. The Trust Portal infrastructure section lists 'Azure' specifically, and the Risk Profile section lists 'Hosting: Major Cloud Provider.
Per the sub-processor list and data residency documentation, processing regions include: United States, Australia, Brazil, Canada, France, Germany, India, Indonesia, Ireland, Italy, Japan, Malaysia, Mexico, Netherlands, Norway, Philippines, Poland, Singapore, South Africa, South Korea, Spain, Sweden, Switzerland, UAE, UK. Data residency API endpoints available for: US, Europe (EEA+Switzerland), Australia, Canada, Japan, India, Singapore, South Korea, UK, UAE.
OpenAI states 'custom models are yours alone to use and are not shared with anyone else' and fine-tuned models 'are for your use alone and never served to or shared with other customers.' API and ChatGPT Enterprise use dedicated workspaces and organizational IDs. The Services Agreement Section 1.4 states 'OpenAI provisions the Services to specific entities using dedicated workspaces and organizational IDs.
Source · trust.openai.com
The Trust Portal lists 'BC/DR' under Infrastructure and a 'Business Continuity/Disaster Recovery (BC/DR) Policy' under Policies. The risk profile notes 'Hosting: Major Cloud Provider.' Full BC/DR documentation requires Trust Portal access.
Source · trust.openai.com
The only surfaced evidence is a live status page showing aggregate uptime metrics (e.g., APIs 99.98%, ChatGPT 99.82%), and it explicitly says “Individual customer availability may vary.” No contractual SLA or service-credit remedy was found in the reviewed pages.
“Individual customer availability may vary.”
Source · status.openai.com
Access control
OpenAI references 'Advanced Account Security' which 'adds stronger protections against unauthorized access, with enhanced sign-in and recovery safeguards' for individuals, and 'account security' features for enterprise. The Trust Portal Access Control section references authentication controls. SSO via SAML is supported for Enterprise.
Source · trust.openai.com
OpenAI supports 'Enterprise-level authentication through SAML SSO' for ChatGPT Enterprise, Edu, and Healthcare. SCIM is available through identity providers such as Okta and Entra ID.
Source · trust.openai.com
RBAC (Role-Based Access Controls) is explicitly documented for ChatGPT Enterprise, Edu, and ChatGPT for Teachers. Admins can create custom roles with granular permissions (Canvas, apps, GPTs, search, projects, etc.) and assign roles to groups.
Source · trust.openai.com
The platform supports project-level data retention controls and organizational API settings, including the Admin Invites Endpoint for project-specific user provisioning. The data residency controls are configurable per-project. Zero Data Retention and Modified Abuse Monitoring can be set at organization and project level.
Source · trust.openai.com
OpenAI provides an 'Enterprise Compliance API' (Compliance Platform) for ChatGPT Enterprise and Edu customers that provides access to logs and metadata, described as 'immutable, append-only compliance log events for auditing purposes.' Workspace admins can access audit logs of conversations and GPTs.
Source · trust.openai.com
Vulnerability & incident response
OpenAI has an active Bug Bounty Program hosted on Bugcrowd at bugcrowd.com/openai. The program 'offers safe harbor for good faith security testing and cash rewards for vulnerabilities based on their severity and impact.
Source · trust.openai.com
A 'Pentest Report' is listed as a document on trust.openai.com (requires access request). The Trust Portal also lists 'Application Penetration Testing' under App Security. The specific frequency of testing is not stated in reviewed pages.
Source · trust.openai.com
OpenAI has a 'Responsible Disclosure' policy listed under App Security on trust.openai.com, and the Bug Bounty Program on Bugcrowd provides a formal channel for vulnerability disclosure.
Source · trust.openai.com
Status page is available at status.openai.com, showing uptime metrics for APIs, ChatGPT, Codex, FedRAMP, and Ads Platform components.
Source · status.openai.com
The DPA Section 2.7 states 'OpenAI will notify Customer without undue delay after becoming aware of any Personal Data Breach.' The privacy policy states deleted data is removed within 30 days. No specific hour-based SLA (e.g., 72 hours) is stated in the reviewed DPA text, though 'without undue delay' aligns with GDPR Article 33 requirements.
“OpenAI will notify Customer without undue delay after becoming aware of any Personal Data Breach.”
Source · openai.com/enterprise-privacy
An 'Incident Response Plan' is listed on trust.openai.com under the Incident Response section (requires Trust Portal access). The DPA Section 2.7 also addresses Personal Data Breach notification obligations.
Source · trust.openai.com
Subprocessors & supply chain
OpenAI publishes a public sub-processor list at openai.com/policies/sub-processor-list/ (last updated June 2, 2026), listing all third-party sub-processors by name, product/service, location of processing, and purpose.
The third-party sub-processor list contains 19 named entities (Cloudflare, Microsoft, CoreWeave, Oracle Cloud, Google Cloud, AWS, Cerebras, Snowflake, TaskUs, Intercom, Salesforce, Pylon Labs, Accenture, Fivetran, Confluent, Cinder Technologies, WorkOS, Okta, Merge API). Additionally 5 OpenAI affiliate entities are listed.
The DPA Section 2.9 states 'Customer may object to the use of such additional Sub-processor within 30 days of receiving notice of the change.' OpenAI will notify customers of sub-processor changes 'via blog post, notification within the Services or other reasonable means, or via email if Customer subscribes to email notifications on the Sub-Processor List site.
“Customer may object to the use of such additional Sub-processor within 30 days of receiving notice of the change.”
AI governance
OpenAI discloses that it trains models on data from public sources, licensed third-party data, human reviewers, and individual ChatGPT users (with opt-out available). By default, API and business product data is NOT used for training. The enterprise privacy page has a dedicated 'Model training FAQ' section.
Source · trust.openai.com
OpenAI explicitly states 'By default, we do not use your business data for training our models' for API, ChatGPT Enterprise, Business, Healthcare, Edu, and Teachers (after March 1, 2023). Training on customer data can occur only if the customer explicitly opts in.
Source · trust.openai.com
OpenAI states business data may be run through 'automated content classifiers and safety tools' generating metadata but not containing business data itself. Human review of business data is limited to specific scenarios (engineering support, platform abuse investigation, legal compliance). API inputs/outputs retained up to 30 days for abuse monitoring by default; ZDR available for eligible endpoints.
Source · trust.openai.com
OpenAI maintains ISO/IEC 42001:2023 AI Management System certification covering consumer and business AI products. The Trust Portal includes a 'Frontier Model Safety & Security' section with model evaluations, AI security documentation, model pretraining info, and OpenAI System Cards.
Source · trust.openai.com
Enterprise workspace admins can control which AI apps/GPTs are enabled for the workspace, configure RBAC permissions limiting access to AI tools (web search, deep research, agent mode, etc.), and enable Lockdown Mode to restrict network-enabled AI capabilities.
Source · trust.openai.com
Secure development & organization
The Trust Portal lists 'Code Analysis' under App Security, and 'Application Penetration Testing.' OpenAI states models and systems are 'regularly evaluated through evaluations against industry benchmarks, adversarial testing and ongoing safety monitoring.' The Security Whitepaper (available via Trust Portal) addresses security controls.
Source · trust.openai.com
The DPA Section 2.3 states 'OpenAI will ensure that all persons authorized by OpenAI to process Customer Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.' The Trust Portal Corporate Security section lists 'Employee Training.
“OpenAI will ensure that all persons authorized by OpenAI to process Customer Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.”
OpenAI states its 'security team has an on-call rotation that has 24/7/365 coverage and is paged in case of any potential security incident.' The platforms are 'built with your security and privacy in mind and tested by a team of security experts.
Source · trust.openai.com
Questions surfaced
Questions surfaced are buyer-ready follow-ups. They mean the item was not identified in the vendor-published sources reviewed; they do not establish absence of the control.
Question to ask the vendor — The reviewed vendor-owned sources did not establish SOC 2 Type I report. Does the vendor document this, and if so, on which trust, security, docs, or legal page?
Question surfaced for review — not a finding of absence.
Question to ask the vendor — The reviewed vendor-owned sources did not establish Encryption in transit. Does the vendor document this, and if so, on which trust, security, docs, or legal page?
Question surfaced for review — not a finding of absence.
Question to ask the vendor — The reviewed vendor-owned sources did not establish Field-level encryption. Does the vendor document this, and if so, on which trust, security, docs, or legal page?
Question surfaced for review — not a finding of absence.
Question to ask the vendor — The reviewed vendor-owned sources did not establish Private network connectivity. Does the vendor document this, and if so, on which trust, security, docs, or legal page?
Question surfaced for review — not a finding of absence.
Question to ask the vendor — The reviewed vendor-owned sources did not establish Multi-factor authentication enforced. Does the vendor document this, and if so, on which trust, security, docs, or legal page?
Question surfaced for review — not a finding of absence.
Question to ask the vendor — The reviewed vendor-owned sources did not establish IP allowlisting. Does the vendor document this, and if so, on which trust, security, docs, or legal page?
Question surfaced for review — not a finding of absence.
Question to ask the vendor — The reviewed vendor-owned sources did not establish Public vulnerability (CVE) history. Does the vendor document this, and if so, on which trust, security, docs, or legal page?
Question surfaced for review — not a finding of absence.
Question to ask the vendor — The reviewed vendor-owned sources did not establish Public breach disclosure history. Does the vendor document this, and if so, on which trust, security, docs, or legal page?
Question surfaced for review — not a finding of absence.
Download the complete OpenAI Public Edition
This web page is a public view of the OpenAI ledger. The free PDF remains the official release format, with the full source register and integrity record.
