{"site":{"name":"Koji","description":"AI-native customer research platform that helps teams conduct, analyze, and synthesize customer interviews at scale.","url":"https://www.koji.so","contentTypes":["blog","documentation"],"lastUpdated":"2026-06-03T08:18:14.974Z"},"content":[{"type":"documentation","id":"ffcc33bf-339f-44d8-9fd7-962f2a28637e","slug":"ai-interview-data-privacy-security","title":"AI Interview Data Privacy & Security: A Buyer's Evaluation Guide","url":"https://www.koji.so/docs/ai-interview-data-privacy-security","summary":"Before choosing an AI customer research platform, evaluate it on five points: encryption (in transit and at rest), data residency and sub-processors (and whether your data trains third-party AI models — it should not), PII handling and anonymization, retention and deletion controls, and a signed Data Processing Agreement. AI interviews surface more PII than surveys because participants speak freely, so privacy matters more. Koji encrypts data in transit and at rest, offers a DPA to all business customers (not just enterprise), gates signup to verified business email (blocking consumer, disposable, and school domains), supports anonymized studies, does not train third-party foundation models on your data, and gives you retention and deletion control aligned with GDPR. Privacy-by-design practices: collect only what you need, get consent, prefer structured questions for sensitive attributes, and set retention windows.","content":"## The Short Answer\n\nWhen you run AI interviews, you are collecting **first-party customer data** — names, opinions, sometimes sensitive context — and processing it through AI models. Before you pick a platform, evaluate it on five things: **encryption**, **data residency and sub-processors**, **PII handling and anonymization**, **retention and deletion controls**, and **a signed Data Processing Agreement (DPA)**. 
Any vendor that cannot answer these clearly should not hold your customers' voices.\n\nKoji is built for business customers who care about this: data is encrypted in transit and at rest, a **DPA is available to all business customers**, signup is **gated to verified business email** (consumer, disposable, and school domains are blocked), participant data can be **anonymized**, and you control **retention and deletion**. This guide gives you a vendor-neutral checklist first, then shows how Koji answers each point.\n\n---\n\n## Why AI Research Raises the Stakes\n\nTraditional surveys collect short, structured answers. AI interviews — especially [voice conversations](/docs/voice-interview-experience) — collect rich, open-ended narratives where participants volunteer far more than a form ever captures. That depth is exactly why AI research is valuable, and exactly why privacy and security matter more, not less.\n\nThree things change with AI-moderated research:\n\n1. **More PII surfaces naturally.** People mention employers, health details, financial situations, and names of colleagues when they talk freely.\n2. **Transcripts are processed by AI models.** You need to know whether your data trains third-party models (it should not).\n3. **Recordings may exist.** Voice studies can produce audio; you need to know how it is stored and for how long.\n\n---\n\n## The 5-Point Evaluation Checklist\n\nUse these questions with **any** research vendor — Koji, SurveyMonkey, Qualtrics, Typeform, or a niche AI tool.\n\n### 1. Encryption\n- Is data encrypted **in transit** (TLS) and **at rest**?\n- Who can access raw transcripts internally?\n\n### 2. Data Residency & Sub-Processors\n- Where is data physically stored?\n- Which sub-processors (AI model providers, hosting, transcription) touch the data?\n- **Is your data used to train third-party AI models?** (The answer you want is *no*.)\n\n### 3. 
PII Handling & Anonymization\n- Can you **anonymize** or pseudonymize participant identities?\n- Can you redact PII from transcripts before sharing reports?\n- Are participant identifiers separated from response content?\n\n### 4. Retention & Deletion\n- Can you set a **retention window** and auto-delete after it?\n- Can a participant exercise a **right-to-erasure** request, and how fast?\n- Can you export everything for your own records before deletion?\n\n### 5. Contracts & Compliance\n- Will the vendor sign a **DPA**?\n- Do they support **GDPR** obligations (lawful basis, data-subject rights)?\n- For regulated data, can they support **HIPAA**-aligned workflows?\n\nIf a vendor dodges any of these, treat it as a red flag.\n\n---\n\n## How Koji Answers Each Point\n\n### Encryption\nCustomer and participant data is encrypted **in transit (TLS) and at rest**. Access to raw transcripts is restricted to the workspace that owns the study.\n\n### Data residency, sub-processors, and model training\nKoji uses vetted AI model providers to run interviews and analysis. **Your interview data is not used to train third-party foundation models.** Sub-processors are disclosed so your security team can review the chain before you commit.\n\n### PII handling & anonymization\nBecause AI interviews surface more personal detail than surveys, Koji supports [anonymizing customer interview data](/docs/anonymizing-customer-interview-data) — you can run studies without collecting real names, and reports can present themes and quotes without exposing identities. Structured questions also help: instead of free-typing sensitive data, you can capture it as a [scale or single-choice answer](/docs/structured-questions-guide) that is inherently easier to govern.\n\n### Retention & deletion\nYou control how long data lives. 
Studies can be exported for your records and then deleted, and participant erasure requests can be honored — the foundation of [GDPR-compliant research](/docs/gdpr-compliant-ai-user-research).\n\n### Contracts & compliance\nKoji provides a **Data Processing Agreement (DPA) to all business customers** — not just enterprise plans. The product is designed around **GDPR** principles, and for teams handling protected health information, see [HIPAA-compliant AI user research](/docs/hipaa-compliant-ai-user-research) for the right configuration.\n\n### Access control at the front door\nSignup is **gated to verified business email**. Consumer mailbox providers, disposable/temporary email domains, and school domains are blocked. That keeps workspaces tied to real organizations and reduces the risk of anonymous accounts hoarding customer data.\n\n---\n\n## Privacy-by-Design Research Practices\n\nTooling is half the story. These practices reduce risk regardless of platform:\n\n- **Collect only what you need.** If a study does not require names, do not ask for them. 
Koji studies run fine fully anonymous.\n- **Tell participants what happens to their data.** A one-line consent notice before the interview builds trust and satisfies lawful-basis requirements.\n- **Prefer structured questions for sensitive attributes.** A [single_choice or scale question](/docs/structured-questions-guide) about income band is easier to govern than a free-text field.\n- **Set a retention window up front** so old studies do not become a liability.\n- **Restrict report sharing** to the people who need the insight.\n\nPlatforms like Koji make privacy-by-design the default: anonymous studies, automatic [thematic analysis](/docs/ai-transcript-analysis-guide) that summarizes without exposing every raw quote, and exportable, deletable data.\n\n---\n\n## Buyer Red Flags\n\n- \"We *might* use your data to improve our models.\" → walk away\n- No DPA, or DPA \"only on enterprise\" → governance gap\n- Cannot tell you where data is stored or who the sub-processors are\n- No deletion or export path\n- Free signups with personal email and no organizational control\n\n---\n\n## Related Resources\n\n- [Structured Questions Guide](/docs/structured-questions-guide) — capture sensitive attributes as governable structured answers\n- [GDPR-Compliant AI User Research](/docs/gdpr-compliant-ai-user-research) — lawful basis, data-subject rights, and retention\n- [HIPAA-Compliant AI User Research](/docs/hipaa-compliant-ai-user-research) — configuring studies for protected health information\n- [Anonymizing Customer Interview Data](/docs/anonymizing-customer-interview-data) — run studies without collecting real identities\n- [AI Transcript Analysis Guide](/docs/ai-transcript-analysis-guide) — summarize insight without over-exposing raw PII\n- [MCP Overview](/docs/mcp-overview) — how Koji connects to AI clients securely","category":"Research Operations","lastModified":"2026-06-03T03:16:03.743141+00:00","metaTitle":"AI Interview Data Privacy & Security: Buyer's Evaluation 
Guide","metaDescription":"Evaluate the privacy and security of an AI research platform: encryption, sub-processors, PII and anonymization, retention, deletion, and DPA. Plus how Koji handles each — DPA for all business customers, business-email-gated signup, and GDPR-aligned design.","keywords":["ai interview data privacy","ai research security","customer research data protection","ai survey privacy","research platform gdpr","data processing agreement research","anonymize interview data"],"aiSummary":"Before choosing an AI customer research platform, evaluate it on five points: encryption (in transit and at rest), data residency and sub-processors (and whether your data trains third-party AI models — it should not), PII handling and anonymization, retention and deletion controls, and a signed Data Processing Agreement. AI interviews surface more PII than surveys because participants speak freely, so privacy matters more. Koji encrypts data in transit and at rest, offers a DPA to all business customers (not just enterprise), gates signup to verified business email (blocking consumer, disposable, and school domains), supports anonymized studies, does not train third-party foundation models on your data, and gives you retention and deletion control aligned with GDPR. 
Privacy-by-design practices: collect only what you need, get consent, prefer structured questions for sensitive attributes, and set retention windows.","aiPrerequisites":["Basic understanding of data privacy concepts (PII, GDPR)","Knowing what customer data your research will collect"],"aiLearningOutcomes":["Evaluate any AI research vendor on five concrete security dimensions","Understand why AI interviews raise privacy stakes versus surveys","Know how Koji handles encryption, anonymization, retention, and DPAs","Apply privacy-by-design practices to your studies","Recognize buyer red flags before you commit"],"aiDifficulty":"intermediate","aiEstimatedTime":"10 minutes"}],"pagination":{"total":1,"returned":1,"offset":0}}