Privacy and data evaluation

Know Where Data Goes, Who Can Access It and How It Leaves

Map data categories, locations, providers, access routes, retention, export and AI-assisted processing before approving the service.

Share data requirements

Production Data Review Matrix

The review covers structured records, files, logs, backups, exports, support access and derived data. Marketing-site processing is documented separately in the privacy notice.

Review the marketing-site privacy disclosure.

Decision areaQuestions to resolveEvidence required
Roles and rightsWho determines purpose, acts on instructions, owns or licenses each data class, and can approve access?Approved contract terms, data classification and responsibility map
Providers and locationsWhich organisations and systems process each copy, in which locations, under which transfer route?Current architecture, provider register, data-flow trace and transfer review
Access and supportWhich customer, platform and partner roles can access data, and how is exceptional access approved and reviewed?Authorisation tests, access records, elevation controls and review evidence
Retention and deletionHow long does each active, deleted, logged, backed-up or legally held copy remain?Approved schedule, deletion test, hold procedure and exception register
Portability and exitWhat can an authorised customer retrieve, in which structure, with what audit context and verification?Export specification, sample output, completeness test and offboarding runbook
AI-assisted processingWhich data may be sent to a model, for what purpose, with what isolation, retention and human approval?Provider terms, data-flow test, provenance record, limitation notice and opt-in boundary

Cookieless Is Not Data-Free

A marketing page may still create network and security logs, load third-party resources or submit a lead form. Browser storage, request logs, form fields and tag destinations must all be included in the live data-flow audit.

Synthetic Is Not Automatically Safe

Demonstration and test data should have documented origin and review. It must not be derived from confidential customer records or be re-identifiable through locations, dates, rare events or combined attributes.