Security is part of how Workbench operates. Here's what that means in practice.
Data privacy: Everything stays in your tenant
When you use Workbench, your conversations, data, and tool outputs stay within your Tines tenant. Your data doesn't leave your Tines environment. This keeps sensitive information under your control, helps with compliance requirements, and means your data isn't used to train external AI models. All Workbench activity is also captured in audit logs, so you have a record of what happened and when.
ℹ️Info
Individual user scope
Your Workbench environment is your own. Your conversation history, tool configurations, and custom instructions are private to you. Team admins can create shared presets that are available to everyone on the team, so you're not starting from scratch if your team has already done the setup work.
Other users can't see your Workbench activity by default, though you can choose to share individual conversations in view-only mode.
Credential and story access
Workbench can only access credentials and stories you already have permission to use based on your role. You can't do more through Workbench than you could through the rest of Tines, and access controls work the same way regardless of how you trigger them.
AI providers and data handling
By default, Tines AI features (including Workbench) are powered by Anthropic's Claude, hosted through AWS Bedrock. Your data doesn't travel over the public internet and no additional subprocessors are introduced.
If your organization uses a custom AI provider, Tines supports providers that are schema-compatible with OpenAI or Anthropic, including Azure OpenAI and custom AWS Bedrock configurations. You can enable multiple providers within a single tenant and choose which models power different AI features.