FAQs - Architecture & Tech - EN
Rodrigo
Last Update 4일 전
Birdie's platform is structured in layers, each performing distinct roles. The ingestion layer collects, receives, and validates customer data. The enrichment layer applies various models to identify patterns and extract insights. Finally, raw and enriched data are consolidated in the application layer, which the client exclusively interacts with. Public data traffic uses HTTPS, while internal communication between services occurs over a private network. Birdie’s infrastructure is hosted on Google Cloud Platform (GCP) - region: us-central-1 Iowa.
Birdie provides fully managed SaaS hosting, meaning clients access the Birdie application directly. We do not offer AI models as a service like OpenAI or similar companies.
3. What support does Birdie provide for the AI solution?
Birdie offers SLAs to ensure platform availability and conducts training sessions to help clients maximize the solution’s potential. Note that Birdie’s solution operates independently of client business processes, so temporary service interruptions do not result in financial losses for the client.
4. Is there a development roadmap for the AI solution?
Yes, Birdie’s system is continuously evolving, with clients directly influencing the roadmap. Currently, the focus is on refining the solution for Fintechs and related sectors, ensuring clients benefit from these developments.
5. How scalable is Birdie’s AI architecture?
Birdie currently processes an average of 50 million feedbacks per month, with the capacity to handle hundreds of millions under load testing. Scalability is ensured by a combination of large language models (LLMs) and specific smaller models (SLMs) trained in-house for optimal processing power and cost efficiency.
6. What are the integration requirements with existing client systems?
Birdie requires well-defined data sources for integration. We provide connectors to data lakes, APIs, and even web crawlers for data ingestion. Data enrichment results can be returned to the client's data lake if needed.
7. How does Birdie manage infrastructure—cloud or on-premises?
Birdie operates on GCP with virtual separation of instances and offers physical separation at an additional cost, based on feedback volume. We use anonymized data, relying on IDs for analysis without handling PII.
Birdie currently operates with three databases: vector, text, and analytical.
The Birdie solution does not rely on the ingestion of PII (Personally Identifiable Information). We use anonymized records, cross-referencing only IDs to perform the necessary associations for segmented analyses without utilizing any sensitive data or risking client identification.
Data ingestion must remain PII-free, even in cloud deployments, which significantly mitigates any potential leaks.
Nonetheless, we implement security practices aligned with the best industry standards, as if we were handling data with PII.
An on-premises solution is possible but highly costly due to the complexity of the Birdie platform.
The recommendation is to consider this on-premises alternative only in a later implementation phase, particularly if ingesting sensitive data becomes necessary.
Birdie supports numerous integrations and crawlers for feedback ingestion. For additional integrations outside the contracted scope, setup fees apply.
Security
Authentication is via email/password or OAuth, with SSO available upon request. Each client manages user permissions within their organization. SSO incurs additional costs and must be negotiated with our commercial team.
Yes, Birdie is SOC 2 Type 2 certified and adheres to local data regulations, including LGPD.
3. Does Birdie follow compliance standards?
Yes, Birdie implements security measures comparable to handling sensitive data, verified through SOC 2 Type 2 audits.
4. Will the solution require internal data sharing?
No sensitive data is required. Birdie uses anonymized user feedback and identifiers provided by the client to perform data segmentation.
5. How is user management and permission control handled?
Birdie provides two user roles:
All Access (Admin): Full permissions, including inviting users and managing profiles.
View Only: Limited to viewing data, searching, filtering, exporting feedback, and using the Birdie Assistant.
All web and API traffic is encrypted using HTTPS/TLS 1.2. API data ingestion is secured through API keys. We also support secure platform connectors and utilize IAM roles in GCP/AWS for secure data integration.
7. How is the solution monitored for performance and security?
Birdie uses Google Cloud Logging for real-time alerts, a public status page, and audit logs. Security monitoring is enhanced with Vanta to track vulnerabilities and ensure timely patching. Multiple backup layers provide resilience and disaster recovery.
Birdie employs a combination of LLMs and SLMs. Recent base models include:
Closed LLMs: GPT (OpenAI), Gemini (Google), Claude (Anthropic)
Open LLMs: Llama (Meta)
SLMs: DeBERTa, RoBERTa
External LLMs comply with strict data protection agreements ensuring no customer data is used for model training. Providers include OpenAI, Google, and Anthropic, each with clear data governance policies.
3. What AI techniques are applied?
Birdie leverages Machine Learning (ML), Text Mining (TM), and Natural Language Processing (NLP). Techniques include traditional algorithms like Random Forests and fine-tuning neural networks using ensemble methods and Retrieval-Augmented Generation (RAG) workflows.4. Does Birdie train models using client data?
No. Models are evaluated using client data, but neither Birdie nor third-party providers train on client data.Coverage of Opportunities: 89%
Precision of Analysis: 94%
Security Measures in Birdie’s GenAI Solution
Birdie employs a combination of Generative AI models to ensure optimal performance and security in its solution. The currently integrated models include:
OpenAI GPT (via API)
Whisper (self-hosted)
Google Gemini (via API)
Meta LLaMA (self-hosted)
In addition to public models, Birdie also develops and uses proprietary models based on SLMs (Self-Hosted Language Models), such as:
DeBERTa (documentation)
RoBERTa (documentation)
These models are utilized for specific natural language processing tasks and to enhance the Birdie solution.
Generative AI technology is integrated into Birdie in various ways, including:
Data processing via data pipelines
Integration with RAG (Retrieval-Augmented Generation) in the application interface
Birdie’s Generative AI is mainly used for:
Data enrichment: Automatic classification and extraction of relevant information.
In-app assistant (RAG): Generating contextualized responses based on proprietary data.
Birdie ensures that data used in tests (Proof of Concept - PoC) will not be used for refining or training AI models. The training process follows best practices, including:
Base model training only occurs with a trigger and human supervision.
Use of synthetic data for training.
Implementation of cross-validation techniques (10-fold cross-validation, train-validation-test).
Continuous LLM adaptation via RAG, allowing customization based on client feedback without affecting the global model.
To ensure the safe use of Generative AI, Birdie implements several guardrails in its solution, including:
Prevention of Prompt Injection AttacksUsing prompt engineering techniques to mitigate Prompt Injection.
Implementing data cleaning and filtering to reduce Indirect Prompt Injection.
Limited data access by design: The LLM has no autonomy to apply arbitrary filters to data.
Sensitive data removal during ingestion: The LLM does not have access to confidential customer information.
Guiding responses based on real data to minimize hallucinations and ensure accurate information.
Birdie adopts a robust set of measures to ensure that Generative AI is used securely, effectively, and in alignment with industry best practices. For more information on our security and privacy policies, please contact our support team.