BODEX Data Handling

Due Diligence Statement

Sensitive data management comprises three key elements: People, Technology, and Processes.
We ensure thorough diligence in managing data from every angle.

  Context

This Data Handling Due Diligence Statement outlines BODEX’s commitment to responsibly handling our clients’ data in accordance with applicable laws, regulations, and DAMA best practices. It is written specifically with reference to our SaaS product KPI-Dash, which takes our clients’ data as input and creates visualizations and reports, and more broadly covers all data handling performed by BODEX team members.

 Cybersecurity and Data Standard References

At BODEX, we adhere to the best practices recommended by these esteemed Cybersecurity and Data Management organizations.

 Data Collection

  • We collect data only for specified, legitimate purposes as required for KPI-Dash to perform.
    This data is specifically marked to be shared with the BODEX personnel who are needed to run and maintain the KPI-Dash application.
  • No other data is collected unless directed and approved by the clients.

 Data Processing

  • Data processing activities are conducted securely and in compliance with relevant data protection laws.
  • We ensure that only authorized personnel have access to data necessary for their roles.
  • Data processing adheres to principles of avoiding redundancy, data minimization, accuracy, and confidentiality.
  • If the KPI-Dash AI Module is deployed, it uses either a locally hosted LLM or one hosted in the cloud. When a cloud-hosted LLM is used, data obfuscation is employed to anonymize information.

 Data Storage and Security

  • Data is stored securely using industry-standard encryption and access controls.
  • We have implemented measures to protect against unauthorized access, alteration, disclosure, or destruction of data.
  • We use the highest levels of encryption when data is in transit (AES-256).
  • We use obfuscation of data as a standard measure to remove context and provide additional levels of security.
  • To render visualizations and reporting, read-only data suffices, hence we request read-only permissions.
  • The data importing process will bring read-only data from the provided source into a PostgreSQL DB instance hosted on a virtual machine with limited access.

 Data Sharing and Transfers

  • We do not disclose data to third parties unless mandated by law.

 Data Breach Response

  • We have procedures in place to detect, respond to, and recover from data breaches promptly.
  • Clients affected by data breaches are notified as required by law and provided with appropriate support.

 Compliance and Monitoring

  • Regular audits and assessments of data handling practices are conducted to ensure compliance with our policies and legal requirements.
  • This statement is reviewed periodically and updated to reflect changes in our data handling practices or regulatory environment.

  Conclusion

We take pride in our responsibility for managing sensitive data, including state-level information and data from multi-billion-dollar corporations. Our commitment to maintaining the highest standards of security and integrity ensures that this critical information is handled with the utmost care and professionalism. We recognize the importance of these data assets and are dedicated to implementing best practices in data management and cybersecurity to protect them effectively. BODEX is dedicated to upholding the highest standards of data protection and privacy. Access to data is restricted to a need-to-know basis only. This Data Handling Due Diligence Statement reflects our commitment to stakeholders, showcasing our responsibility towards effective data management.

 

One live Showcase of our Data management capabilities –
