Data processing · Privacy · Sub-processors

Trust & data processing.

Deliberately specific. Written so a CISO, a DPO — and in the case of the Google Workspace scan, a Google CASA reviewer — can confirm exactly what happens and when.

Four concrete commitments

Promises whose code we can show.

  • Workspace scan · purged in 24h

    Everything from a Workspace scan is auto-deleted within 24 hours — enforced by a daily cron, not a promise.

  • Read-only scopes

    We request only the two admin read-only scopes we need. No write access, no mailbox content, no drive files.

  • No training on your data

    LLM providers operate under enterprise agreements that exclude your audit data from model training.

  • GDPR Art. 15 / 16 / 17 ready

    Access, rectification and erasure requests are honoured on any audit, for any user, in any region, at any time.

Google Workspace scan

Ephemeral. Read-only. Deleted after 24 h.

Clicking Scan Google Workspace asks for two admin read-only scopes on an incremental consent screen. We enumerate the OAuth apps granted in your domain and match them against our registry of known AI tools. Nothing is sent to analytics, CRM or third-party models.

Aggregated results land in the workspace_scan_sessions table, which carries an expires_at column. A daily cron at /api/tools/shadow-ai/cron/scan-purge deletes every row whose expires_at has passed.

Scopes requested

  • admin.directory.user.security.readonly

    Lets us enumerate OAuth-granted apps across your Workspace — the raw material for shadow AI discovery.

  • admin.reports.audit.readonly

    Lets us read the admin audit log so new AI tools appearing in the domain surface in your audit.

Trigger early deletion any time by emailing privacy@buzzi.ai.
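The scan described above, as an added example that is not Buzzi.ai's code: an allowlist check that refuses any consent request outside the two read-only scopes, matching of a constructed response in the shape of the Admin SDK Directory API tokens.list resource against a hypothetical tool registry, and the 24 h expires_at window with the purge that enforces it. The client IDs, tool names, user addresses, the fixed clock T0 and the in-memory session store are all assumptions built for the example; production code would call the Google Admin SDK and write to Postgres instead.

```python
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# The two admin read-only scopes the page names. The scan refuses to build a
# consent request that asks for anything else.
ALLOWED_SCOPES = frozenset({
    "https://www.googleapis.com/auth/admin.directory.user.security.readonly",
    "https://www.googleapis.com/auth/admin.reports.audit.readonly",
})

RETENTION = timedelta(hours=24)  # the page's 24 h purge window
T0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)  # constructed clock for the example


def disallowed_scopes(requested: list[str]) -> list[str]:
    """Scopes in `requested` that are not on the read-only allowlist (empty == OK)."""
    return sorted(set(requested) - ALLOWED_SCOPES)


# Constructed registry of known AI tools keyed by OAuth client ID. The client
# IDs and names are hypothetical placeholders, not real registrations.
REGISTRY = {
    "111111-aiwriter.apps.googleusercontent.com": "AI Writer (hypothetical)",
    "222222-summarybot.apps.googleusercontent.com": "SummaryBot (hypothetical)",
}

# Scope substrings that mean an app can read mailbox or Drive content; a
# CISO wants those surfaced in the findings.
CONTENT_SCOPES = ("/auth/gmail", "/auth/drive")

# Constructed sample in the shape of an Admin SDK Directory API tokens.list
# response (clientId, displayText, scopes, userKey). Not real data.
SAMPLE_TOKENS = {
    "kind": "admin#directory#tokenList",
    "items": [
        {"clientId": "111111-aiwriter.apps.googleusercontent.com",
         "displayText": "AI Writer", "userKey": "alice@example.com",
         "scopes": ["https://www.googleapis.com/auth/drive.readonly", "openid"]},
        {"clientId": "111111-aiwriter.apps.googleusercontent.com",
         "displayText": "AI Writer", "userKey": "bob@example.com",
         "scopes": ["https://www.googleapis.com/auth/gmail.readonly"]},
        {"clientId": "222222-summarybot.apps.googleusercontent.com",
         "displayText": "SummaryBot", "userKey": "alice@example.com",
         "scopes": ["openid", "email"]},
        {"clientId": "999999-calendar.apps.googleusercontent.com",
         "displayText": "Calendar Sync", "userKey": "carol@example.com",
         "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
    ],
}


@dataclass
class ScanSession:
    domain: str
    created_at: datetime
    expires_at: datetime
    # Aggregated per tool: a user count and a content-access flag, no per-user rows.
    findings: dict[str, dict]


def run_scan(domain: str, token_list: dict, registry: dict[str, str],
             now: datetime) -> ScanSession:
    """Match granted OAuth apps to the registry and keep only aggregates."""
    users: dict[str, set[str]] = defaultdict(set)
    scopes: dict[str, set[str]] = defaultdict(set)
    for item in token_list.get("items", []):
        tool = registry.get(item["clientId"])
        if tool is None:
            continue  # not a known AI tool: nothing about it is recorded
        users[tool].add(item["userKey"])
        scopes[tool].update(item.get("scopes", []))
    findings = {
        tool: {
            "users": len(users[tool]),
            "content_access": any(c in s for s in scopes[tool] for c in CONTENT_SCOPES),
        }
        for tool in users
    }
    return ScanSession(domain, now, now + RETENTION, findings)


def purge_expired(sessions: list[ScanSession],
                  now: datetime) -> tuple[list[ScanSession], int]:
    """What the daily purge does: drop every session whose expires_at has passed."""
    kept = [s for s in sessions if s.expires_at > now]
    return kept, len(sessions) - len(kept)


if __name__ == "__main__":
    print(disallowed_scopes(sorted(ALLOWED_SCOPES)))          # []
    session = run_scan("example.com", SAMPLE_TOKENS, REGISTRY, T0)
    print(session.findings)
    print(purge_expired([session], T0 + timedelta(hours=25)))  # ([], 1)
```

Two things the purge function makes visible. Only registry matches are kept, and only as counts and flags, so an unmatched app like the calendar sync above leaves no trace in the session. And a purge that runs once a day enforces expires_at only at the moment it runs: a row whose window ends just after the run survives until the next one, so a strict 24 h ceiling on retention needs either expires_at set shorter than 24 h by the cron interval, or a cron that runs more often than daily.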

Audit submissions

Your answers, your tools, your inbox.

Survey answers, identified tools and the email address you enter at the end are stored in our Postgres instance. They are used only to produce your report and, where you opted in, to send you Buzzi.ai insights.

  • Hosting

    Supabase Postgres (AWS · US / EU)

  • Backups

    Encrypted at rest · Retained per vendor defaults

  • Audit retention

    24 months, then auto-deleted

  • Email retention

    Kept indefinitely so your unsubscribe stays honoured; deletable on request

Sub-processors

Everyone who touches your data.

Four vendors. That's the whole list. We publish changes at least 30 days before they apply.

  • Supabase

    Primary Postgres hosting · AWS · US / EU

    Stores audit submissions, survey answers and generated outputs. Encrypted at rest.

  • Postmark / Amazon SES

    Transactional email · US

    Sends audit reports, save-for-later links and insight emails you opt into.

  • OpenAI (Enterprise)

    LLM inference — summaries, DPIA drafting · US

    Enterprise agreement excludes customer data from training. Outputs scoped to your account.

  • Google (Vertex / Workspace Scan)

    LLM inference + OAuth scan · US / EU

    Used for Workspace OAuth discovery and Gemini-powered text generation. No training on customer data.

LLM-generated outputs

Executive summary, DPIA, vendor questionnaires.

When you generate artefacts, we send the audit context to OpenAI or Google under enterprise agreements that exclude training on customer data. Outputs land in audit_outputs, scoped to your account and your account only.

Your rights

GDPR Articles 15 / 16 / 17. Everywhere.

We honour access, rectification and erasure requests for any audit, regardless of your region. Email privacy@buzzi.ai and we respond within 30 days.

  • Request a copy

    Email privacy@buzzi.ai and we send you everything we hold for your audit in machine-readable form.

  • Request deletion

    Your audit, your outputs and your email are removed on request within 30 days. Confirmations are in writing.

  • Opt out of insights

    Opting in to marketing is explicit. Opting out is one click in any email or by replying "stop".

Security incident response

Responsible disclosure is always welcome.

If you believe you have found a security issue, please disclose it responsibly via security@buzzi.ai. We acknowledge within 2 business days and follow our standard incident response procedure, including regulator and data-subject notification where required.

security@buzzi.ai

Privacy contact

Talk to our DPO.

Copy / correction / deletion, DPA requests, sub-processor notifications — all go here.

privacy@buzzi.ai

Methodology

How we score risk.

Trust is the data side. Methodology is the math side — multipliers, bands and formulas, all published.

Open methodology