Security & data
Your customer data
never leaves your account.
Complete documentation of what BHASM reads, how it is stored, what it never does, and your rights as a data principal. Version 1.3 — updated May 2026.
At BHASM, compliance is not a checklist — it is structural architecture. Privacy laws are enforced as hard constraints inside the governance engine, the same layer that controls urgency scoring and veto decisions.
What BHASM reads
Shopify
Orders · sessions · cart events · refunds · customer tags
Read access only via official Shopify API. No write access.
Razorpay / Stripe
Payment status · timestamps · failure codes · subscription status
Payment card details are never accessed. Status fields only.
HubSpot / Zoho
Contact records · deal stage · activity · email engagement
CRM write-back of health scores only when explicitly enabled.
WhatsApp via Interakt
Delivery receipts · read receipts · reply detection
Inbound message content (anything you did not write) is never stored; only delivery, read and reply signals are kept.
Google Analytics 4
Session counts · engagement patterns · event data
No PII from GA4. Aggregate behaviour patterns only.
CSV uploads
Any structured customer list · purchase history · contact data
Uploaded files processed and stored in your account only. Never shared.
How your data is stored
Encryption
AES-256 at rest. TLS 1.3 in transit. All data encrypted before writing to disk.
Isolation
Row-level security per account. Your data is structurally invisible to every other BHASM account.
Data residency
India: Mumbai. US and Global: US East. Selectable at account level.
Retention
Retained for the life of your account. Removed from live systems within 72 hours of a deletion request; backup copies age out within 30 days.
Backups
Point-in-time recovery. Backups encrypted identically to live data. Retained 30 days.
AI processing
Message enrichment uses Anthropic Claude API. Context sent is anonymised — no raw PII sent.
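What "anonymised context" has to mean in practice is that direct identifiers are swapped for tokens before the request leaves your account, and that the mapping back to real values never travels with it. The following is an added illustration of that pattern, not BHASM's code: the field names, the per-account key and the sample record are all constructed for the example.

```python
"""Added example: pseudonymise a customer record before it is sent to a third-party LLM.

Not BHASM's code. The field names, ACCOUNT_KEY and SAMPLE record are constructed
for illustration only.
"""
import hashlib
import hmac
import re
from typing import Any

# Constructed per-account secret; in production this would come from a KMS.
ACCOUNT_KEY = b"example-account-key-do-not-reuse"

# Direct identifiers that must never reach the model verbatim.
DIRECT_IDENTIFIERS = ("name", "email", "phone", "customer_id")

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
PHONE_RE = re.compile(r"\+?\d[\d\s\-()]{7,}\d")


def pseudonym(value: str, label: str) -> str:
    """Stable, non-reversible token: HMAC keyed per account, truncated to 8 hex chars."""
    digest = hmac.new(ACCOUNT_KEY, value.encode(), hashlib.sha256).hexdigest()[:8]
    return f"[{label}:{digest}]"


def scrub_free_text(text: str, table: dict) -> str:
    """Replace e-mail addresses and phone numbers inside free text with tokens."""
    def swap(match: re.Match, label: str) -> str:
        token = pseudonym(match.group(0), label)
        table[token] = match.group(0)
        return token
    text = EMAIL_RE.sub(lambda m: swap(m, "EMAIL"), text)
    text = PHONE_RE.sub(lambda m: swap(m, "PHONE"), text)
    return text


def anonymise_context(record: dict) -> tuple:
    """Return (model_context, rehydration_table).

    model_context is what may be sent to the model; rehydration_table stays in the
    account's own storage and is used to put real values back into the reply.
    """
    table: dict = {}
    out: dict = {}
    for key, value in record.items():
        if key in DIRECT_IDENTIFIERS:
            token = pseudonym(str(value), key.upper())
            table[token] = str(value)
            out[key] = token
        elif isinstance(value, str):
            out[key] = scrub_free_text(value, table)
        else:
            out[key] = value  # behavioural and numeric signals pass through unchanged
    return out, table


def rehydrate(reply: str, table: dict) -> str:
    """Substitute real values back into the model's reply, locally, after it returns."""
    for token, real in table.items():
        reply = reply.replace(token, real)
    return reply


def contains_pii(payload: dict) -> bool:
    """Last check before the API call: is any e-mail or phone pattern still present?"""
    blob = " ".join(str(v) for v in payload.values())
    return bool(EMAIL_RE.search(blob) or PHONE_RE.search(blob))


# Constructed sample record; not real customer data.
SAMPLE: dict[str, Any] = {
    "name": "Priya Sharma",
    "email": "priya@example.com",
    "phone": "+91 98765 43210",
    "days_since_last_order": 41,
    "cart_value_inr": 2300,
    "last_support_note": "Asked to be contacted at priya@example.com, not +91 98765 43210",
}

if __name__ == "__main__":
    ctx, table = anonymise_context(SAMPLE)
    assert not contains_pii(ctx)
    print(ctx)
    print(rehydrate(f"Hi {ctx['name']}, your cart is waiting.", table))
```

Two design points worth noting. The token is an HMAC keyed per account, so the same customer gets the same token throughout one request (the model can refer to them consistently) but the provider cannot reverse it, and tokens from different accounts never collide. The regex scrub is a floor, not a guarantee: a bare name inside free text is not caught by pattern matching, which is why direct-identifier fields are tokenised by field name rather than by content, and why `contains_pii` runs as a final gate rather than as the primary control.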
What BHASM never does
Sell your customer data to any third party.
Share customer records across BHASM accounts. Each account is structurally isolated.
Use your data to train any AI model, including BHASM proprietary models.
Store payment card details, PINs, or account credentials.
Access contacts you have not explicitly imported or connected.
Send any message without your approval on the Seed plan.
Retain live data after account deletion beyond the 72-hour processing window, or backup copies beyond their 30-day retention.
Access your systems beyond the specific API scopes you have authorised.
What this looks like in practice
The system that knows when to stop.
Pressure signal detected
Customer raised a complaint.
Silence enforced.
All outreach is blocked. No campaign, no brief item, no autonomous send — until BHASM detects resolution signals. The relationship is worth more than the send.
Payment failure detected
Payment failed 3 days ago.
Promo blocked.
Sending a promotional message to a customer with a failed payment creates regulatory exposure and destroys trust. BHASM treats this as an absolute block. No override exists.
These are not configurable. They are architecture.
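A hard constraint that "no override exists" is a claim about code structure: the blocking rules must be evaluated before, and independently of, any operator input. The gate below is an added example of that ordering, written for this page and not taken from BHASM's governance engine; the signal names, plan names and the `override` flag are assumptions chosen to show the behaviour described above, including a resolution signal lifting the silence and per-channel consent being checked after the hard blocks.

```python
"""Added example: a send-gate that encodes the blocks described on this page.

Not BHASM's code. Signal names, plan names and the override flag are illustrative
assumptions; the ordering of checks is the point.
"""
from dataclasses import dataclass, field

PROMOTIONAL = "promotional"
TRANSACTIONAL = "transactional"


@dataclass
class Customer:
    consent: dict = field(default_factory=dict)  # channel -> opted in?
    open_complaint: bool = False                 # pressure signal
    complaint_resolved: bool = False             # resolution signal
    payment_failed: bool = False                 # most recent payment failed


@dataclass
class SendRequest:
    channel: str
    kind: str                   # PROMOTIONAL or TRANSACTIONAL
    plan: str                   # "seed", "growth" or "scale" (assumed tiers)
    human_approved: bool = False
    override: bool = False      # present to show it is never consulted by hard blocks


@dataclass
class Decision:
    allowed: bool
    reason: str                 # written to the audit log with the decision


def evaluate(customer: Customer, req: SendRequest) -> Decision:
    """Hard blocks first, then consent, then plan policy. Returns a citable reason."""
    # 1. Pressure signal: every outreach is blocked until a resolution signal arrives.
    #    req.override is deliberately not read here.
    if customer.open_complaint and not customer.complaint_resolved:
        return Decision(False, "pressure signal: outreach blocked until resolution")

    # 2. Failed payment: promotional sends are an absolute block; transactional
    #    messages (a receipt, a retry notice) are not promotional and pass this check.
    if customer.payment_failed and req.kind == PROMOTIONAL:
        return Decision(False, "payment failure: promotional send blocked")

    # 3. Consent is per channel; an opt-out on one channel says nothing about another.
    if not customer.consent.get(req.channel, False):
        return Decision(False, f"no consent on channel '{req.channel}'")

    # 4. Plan policy: on the seed plan nothing goes out without explicit approval.
    if req.plan == "seed" and not req.human_approved:
        return Decision(False, "seed plan: explicit approval required")

    return Decision(True, "allowed")


def filter_campaign(customers: list, req: SendRequest) -> list:
    """Apply the gate across a campaign audience; returns (index, decision) pairs."""
    return [(i, evaluate(c, req)) for i, c in enumerate(customers)]


if __name__ == "__main__":
    # Constructed audience, not real customer data.
    audience = [
        Customer(consent={"whatsapp": True}, open_complaint=True),
        Customer(consent={"whatsapp": True}, payment_failed=True),
        Customer(consent={"whatsapp": True}),
    ]
    for i, d in filter_campaign(audience, SendRequest("whatsapp", PROMOTIONAL, "growth", override=True)):
        print(i, d.allowed, d.reason)
```

The override flag exists in the request only to make the point testable: the first two checks never read it, so setting it changes nothing. Each `Decision` carries a reason string so that a blocked send is explainable in the audit log rather than silently dropped.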
Compliance
DPDP Act 2023
India's Digital Personal Data Protection Act. Consent recorded at signup with timestamp. Purpose limitation enforced. Data principal rights honoured, including correction and deletion.
GDPR aligned
Lawful basis of processing documented. Data subject rights supported. Data processing agreements available on request.
Right to deletion
Email hello@bhasm.ai. All personal data removed from live systems within 72 hours. Backup removal within 30 days. Confirmation email sent.
Consent management
Granular consent per channel — email, WhatsApp, SMS. Opt-out respected immediately. Consent log available to account holder on request.
Operational posture
Uptime target
99.9% for the brief-generation pipeline on Growth and above. Scheduled maintenance windows announced 48 hours in advance and run outside tenant business hours by region.
Incident response
Critical incidents acknowledged within 1 hour. Status communicated by email within 4 hours. Post-incident summary within 5 business days, including timeline, root cause, and remediation.
Sub-processors
Supabase (managed Postgres), Railway (compute), Resend (email delivery), Interakt (WhatsApp), Anthropic (Claude API for message enrichment). Full sub-processor list with data scope available on request.
DPA & DPIA
Data Processing Agreement available on request — covers GDPR Art. 28 obligations, sub-processor approval, breach notification, and audit rights. DPIA support for enterprise tenants on Scale and above.
Audit access
Every BHASM decision is logged and citable. Tenants on Scale and above can export the full audit log via the dashboard or API. Logs are retained for the life of the account.
Compliance roadmap
SOC 2 Type II audit targeted Q3 2026. Security questionnaires and DPAs available on request — write to hello@bhasm.ai. Penetration test reports refreshed annually. ISO 27001 considered post-SOC 2.
Structural enforcement
BHASM does not just respect privacy laws — the governance layer enforces them before any message is generated or sent.
Security questions
For security questions, penetration test reports, data processing agreements, or compliance documentation for your procurement team:
hello@bhasm.ai
Version 1.2 · Updated May 2026
Built for the relationships
you cannot afford to lose.
No credit card. Seed tier is free forever.