Data Protection Policy
Last Updated On 08 May 2026
Effective Date 08 May 2026
Your Data Is Handled With Care, Security, and Transparency
We use trusted technology, controlled workflows, and clear internal protocols to protect the information our clients share with us. Our approach is built around confidentiality, secure document management, responsible AI use, and human oversight.
Section 1: Our Data Protection Approach
We treat client data as confidential by default. Information shared with us is handled only for the purpose of supporting client work, preparing documents, managing communication, and delivering our services.
Our internal approach is based on:
Controlled access to client information
Secure document storage and collaboration
Responsible use of approved technology tools
Data minimization wherever possible
Human review before client-facing outputs are shared
Section 2: Tools We Use
We use industry-standard Microsoft 365 tools to manage client documents and collaboration securely.
Microsoft SharePoint
We use SharePoint as a controlled document storage and collaboration environment for client files, drafts, reports, and supporting materials.
Microsoft Word
We use Word for preparing, reviewing, and editing client-facing documents in a structured and controlled way.
Microsoft PowerPoint
We use PowerPoint to prepare presentations, summaries, workshops, and client briefings while keeping materials within managed storage environments.
Section 3: How We Protect Client Data
Our document and collaboration workflows are designed to reduce unnecessary exposure of client information.
We apply practical safeguards such as:
Access limited to authorized team members
Managed document storage instead of informal file sharing
Version control and organized document management
Restricted sharing of sensitive materials
Internal review before external communication
Prompt escalation of privacy or security concerns
Section 4: Responsible Use of AI Tools
We may use modern AI tools such as ChatGPT or Claude to support drafting, summarization, quality review, and analysis. These tools are used carefully and only within approved workflows.
Client data is not entered into public or consumer-grade AI tools where it could be used to train public AI models.
Our AI usage is guided by the following principles:
Use approved Enterprise, business, or secure API environments
Avoid public model training with client data
Remove or mask personal information wherever possible
Limit prompts to the minimum information required
Avoid entering sensitive records, credentials, or confidential raw data
Ensure all AI-assisted output is reviewed by a person before use
Section 5: Personal and Sensitive Information
We reduce the amount of personal or sensitive information used in technology-assisted workflows.
Where possible, we strip, mask, summarize, pseudonymize, or aggregate personal information before using AI-assisted tools. Sensitive personal data, credentials, secrets, and regulated records are not used in AI tools unless reviewed and approved by Sameera Tak, Owner and Managing Director.
Section 6: Human Oversight
Technology supports our work, but it does not replace our responsibility.
All client-facing work remains subject to human review. AI-generated content is checked before it is used in client deliverables, reports, presentations, or communications.
Section 7: Governance and Accountability
Questions or concerns regarding data protection are escalated to Sameera Tak, Owner and Managing Director.
We regularly review how client information is stored, accessed, shared, and used with technology. Our goal is to keep client data protected while using modern tools responsibly and transparently.