Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.bondata.ai/llms.txt

Use this file to discover all available pages before exploring further.

BonData meets the IT control requirements for multiple regulatory and industry compliance frameworks. The platform’s deployment models, Cloud SaaS and Cloud-Prem, give customers a choice in where the boundary of responsibility sits between BonData and the customer’s own controls.

SOC 2 Type II Report

BonData has completed its SOC 2 Type II audit. The report is available under NDA via security@bondata.ai.

Key benefits

A SOC 2 Type II report provides an in-depth analysis of a cloud service provider’s controls against the AICPA’s Trust Services Criteria, Security, Availability, Processing Integrity, Confidentiality, and Privacy. The report is produced by an independent auditor, includes detailed descriptions of the controls in place, and tests their operational effectiveness over a defined audit window.

ISO 27001 Certification

BonData is ISO 27001 certified. The certificate is available under NDA via security@bondata.ai.

Key benefits

ISO 27001 is the international standard for the comprehensive management of information security. Certification demonstrates that an organization employs a framework of legal, physical, and technical controls to manage information risk, covering personnel security, asset management, access control, cryptography, operations security, communications, supplier relationships, and incident management.

GDPR Compliance

BonData processes customer personal data as a Data Processor and complies with the EU General Data Protection Regulation. A Data Processing Agreement, with the EU Standard Contractual Clauses incorporated, is available to customers.

Key benefits

The GDPR governs the way personal data of individuals in the European Union is collected, stored, processed, and erased. It standardizes data-protection law across the EU and grants individuals enforceable rights including access, rectification, erasure, restriction of processing, and portability of their personal data.