BOND
Internal Privacy & Data Handling Policy for Bond

Effective Date: March 2026 • Last Updated: March 2026

1. Overview

This policy outlines how data is collected, processed, and secured when employees use the Bond AI search application. Bond is an internal tool designed to help team members quickly retrieve information and generate insights from our internal databases and documentation.

2. Information We Collect

When you interact with Bond, the system automatically collects and processes the following types of information to function effectively:

  • User Queries: The text of the questions, prompts, or searches you enter into the application.
  • Retrieved Context: The specific data snippets, documents, or records retrieved from our internal databases (e.g., Microsoft Fabric) used by the AI to formulate a response.
  • Usage Logs & Identity Data: Standard system logs, including your corporate user ID, timestamps, and session durations, to ensure proper access control and monitor system health.
  • Feedback Data:Any explicit feedback you provide (e.g., thumbs up/down, written comments) regarding the quality of the AI's responses.
3. How We Use the Data

The data collected is used strictly for internal operational purposes:

  • Fulfilling Requests: To process your search queries, retrieve the relevant corporate data, and generate accurate, context-aware answers.
  • System Improvement: To monitor performance, debug errors, and improve the accuracy and relevance of the retrieval systems.
  • Security & Compliance: To audit system usage, prevent unauthorized access, and ensure the tool is being used in accordance with company policies.
4. AI Processing & Data Sharing

Protecting our proprietary company data and your privacy is our top priority.

  • Secure Processing: Bond utilizes Azure AI services to process your queries. Data sent to these services is encrypted in transit and at rest.
  • No Public Model Training: Your search queries, generated responses, and the internal company data retrieved by the application are not used to train, retrain, or improve any external or public foundational AI models.
  • Internal Access Only: Data processed by Bond is restricted to authorized internal personnel and the secure infrastructure hosting the application. We do not sell or share this data with unauthorized third parties.
5. Data Retention

We retain search logs, prompts, and generated responses for security auditing and system improvement purposes. After the retention period, logs are securely deleted or anonymized.

6. User Responsibilities

While Bond is built securely, users are expected to adhere to standard corporate data handling policies:

  • Do not input sensitive personally identifiable information (PII) regarding employees or clients into the prompt unless necessary for your specific authorized workflow.
  • Ensure that any output generated by the AI is verified before being used in external communications or finalized reports.
7. Changes to this Policy

We may update this internal policy periodically to reflect changes in how the application operates or updates to our data governance standards. Users will be notified of any significant changes.