Privacy Policy &
Data Governance.

1. Executive Summary & Our Commitment

We deploy advanced machine intelligence in enterprise environments. We recognize that data sovereignty is the absolute foundation of corporate security. We adhere strictly to the Protection of Personal Information Act (POPIA) in South Africa and engineer our systems to respect the stringent principles of the General Data Protection Regulation (GDPR) and the EU AI Act.

2. Strict Non-Training Guarantee (AI Sandboxing)

The most significant concern regarding AI adoption is data leakage. We guarantee the following parameters regarding any proprietary data, intellectual property, or customer records handed over during technical auditing, development, or active service deployment:

• No Commercial Model Training: Your private corporate data is strictly firewalled and will never be used to fine-tune, train, or improve public commercial language models (such as those maintained by OpenAI, Anthropic, or Google) without explicit, separate legal agreements.
• Zero Data Retention APIs: Where external large language models are utilized for processing, we mandate Zero Data Retention (ZDR) APIs, legally binding the provider to purge your data instantly from their processing servers upon task completion.
• Role-Based Access (RBAC): RAG (Retrieval-Augmented Generation) databases structured on your behalf exist within secure, isolated clouds (or on-premise) mapped to your active directory permissions.

3. Information We Collect

Within the capacity of our public website and lead generation operations, we may collect:

• Volunteered Contact Information: Names, corporate emails, phone numbers, and operational descriptions provided via our forms or direct correspondence.
• Diagnostic Web Data: Non-personally identifiable metrics (e.g., browser type, general geolocation, interaction timestamps) required to maintain the security and operational integrity of this application.

4. Lawful Basis for Processing (POPIA)

We process your data strictly to fulfill the following operational mandates:

• Contractual Execution: To provide you with technical audits, scope documentation, or software delivery.
• Legitimate Business Interests: Responding to functional inquiries or securing our infrastructure against malicious traffic/crawling.
• Legal Compliance: Maintaining financial records or adhering to local and international judicial requests.

5. Data Retention & Erasure

We do not engage in indefinite data harvesting. Lead data is purged from our active CRM if no business engagement occurs within twenty-four (24) months. You have the absolute right to request the immediate erasure of your data ("Right to be Forgotten") by contacting our compliance division at [email protected].

6. Cookie Infrastructure

This platform operates securely with minimal tracking overhead. We only utilize functional and performance cookies necessary to render the Brutalist UI matrix, route API requests properly, and maintain session stability during authentication sequences.

7. Changes to this Governance Document

AI moves rapidly. We update this Data Governance document structurally whenever standard corporate protocols change regarding autonomous workflows, API integrations, or South African jurisprudence affecting POPIA requirements. All significant changes will be communicated via timestamp iterations at the top of this component.