We have built a bot leveraging Rasa Open Source and Rasa X for our company internal purposes, hosted on premise. The bot can only be accessed while within the company network. However there is some concern within management regarding security of the data being accessed via the Bot. As in whether the data is being sent to any 3rd party sources or if any one has access to any internal data or if RASA itself collects and stores any data.
Can someone suggest the best way to convince regarding data security to the team?