Our Commitment to Your Data Security
We pledge to maintain the highest standards of data protection and transparency. Your trust is fundamental to everything we do, and this pledge outlines our commitment to safeguarding your information.
Core Security Principles
1. Complete Data Control & Ownership
Your data remains yours: We never claim ownership of your event or attendee data.
Full infrastructure control: All AI models are hosted exclusively on servers we own and operate — we never send your data to third-party AI providers such as OpenAI, Anthropic, or others. We primarily rely on in-house or fine-tuned open-source models.
Isolated processing environment: AI processing occurs in isolated environments dedicated to your organization. Each customer organization has its own secure boundary, and AI processing for your events remains strictly within your organizational container.
ISO 27001 certified: Brella’s processes and systems undergo rigorous annual audits in line with internationally recognized standards.
2. Privacy-First AI Development
Anonymization by default: We only use fully anonymized, de-identified, non-PII data for limited model training.
Opt-out available: You can choose to exclude your data from model training at any time.
3. Complete Organizer Control
Generative AI features are optional: Any AI features that require sending data to our self-hosted models are always optional. Event organizers have full control to enable or disable these features for their events.
No surprises: Generative AI features will never be automatically enabled without explicit organizer consent.
4. Data Minimization & Purpose Limitation
Collect only what's needed: AI features will only access the minimum data required for their specific function.
Time-limited processing: Data used for AI operations is processed only for the duration necessary and then securely deleted.
No secondary use: Data collected for one purpose will never be repurposed for unrelated AI training without explicit consent.
Our Ongoing Commitment
This pledge is a living commitment that evolves with technology and regulations. We pledge to:
Stay current: Continuously update our practices to meet or exceed emerging AI governance standards.
Listen actively: Maintain open channels for feedback and concerns about our AI features.
Act responsibly: If we cannot meet these security standards for a particular AI feature, we will not release it.
Communicate proactively: Notify users promptly of any significant changes to our AI data practices.
Questions or Concerns?
Your trust matters to us. If you have any questions about our AI security practices or would like to exercise your data rights, please contact our dedicated team at dpo@brella.io.
