Security & Data Protection

Operational data drives margin. We protect it as business-critical infrastructure.

BomData integrates with Aspire to surface operational and sales performance insights for commercial landscapers. We understand that when you connect your system to BomData, you are trusting us with sensitive company information. BomData implements administrative, technical, and physical safeguards designed to protect customer data from unauthorized access, misuse, or disclosure.

This page focuses on how BomData protects customer operational and account data within our application infrastructure. For information about how we collect and use personal information, please refer to our Privacy Policy.

Last updated: January 5, 2026

1. Infrastructure & Hosting

BomData is hosted in Amazon Web Services (AWS) in the us-east-1 region.

Production and development environments are separated.
Services are architected with redundancy within the region.
Infrastructure follows AWS security best practices.
Access to production systems is restricted to authorized personnel.

2. Encryption

Data in Transit

All traffic is encrypted using TLS 1.2 and TLS 1.3.
Secure API communication is used for all integrations.

Data at Rest

Customer data is encrypted at rest using AWS-managed encryption mechanisms, including:

Amazon S3 (SSE-S3)
DynamoDB (AWS KMS)
Amazon RDS (AES-256)

All database storage and backups are encrypted.

3. Authentication & Access Control

Customer Authentication

Secure authentication is required for all users.
Passwords are hashed and never stored in plain text.
BomData supports Google SSO.

Raw passwords are never stored or accessible.

Internal Access Controls

Access to production systems is restricted to authorized personnel only.
Administrative access is tightly controlled.
We follow the principle of least privilege for internal system access.

4. Data Ownership & Usage

Your Data Remains Yours

Customers retain full ownership of their data.

BomData:

Does not sell customer data.
Does not share operational business data with third parties.
Uses customer data solely to deliver BomData services.

Aggregated & Anonymized Data

BomData uses aggregated and anonymized data across customers for:

Product improvement
Machine learning models
Sales forecasting insights
Organizational performance recommendations

Customer-identifiable data is anonymized prior to model training.
No identifiable customer business data is shared externally.

5. Backups & Recovery

Amazon RDS backups are performed daily.
DynamoDB supports continuous point-in-time recovery.
All backups are encrypted.
Services are redundant within the hosting region.

6. Data Retention & Deletion

BomData does not enforce a rigid post-cancellation retention window.

Customers may request deletion of their data at any time, including after cancellation.

Upon request:

Production data is deleted.
Data is removed from active systems.

We are happy to provide written confirmation of deletion upon request.

7. Third-Party Services

BomData uses third-party tools to operate the business (e.g., payment processing, email, CRM, monitoring).

These systems:

Do not store exported customer reports.
Do not store operational or financial business data.
May store basic contact information (e.g., email address, phone number) required for communication or billing.
Do not have access to customer business data within BomData.

Subprocessor details are available upon request.

8. Secure Development Practices

Code changes are version-controlled.
Production deployments follow internal review processes.
Access to source code and infrastructure is restricted.
Security vulnerabilities are addressed promptly when identified.

9. Working with Enterprise IT Teams

We regularly work with operations leaders, IT teams, and procurement departments.

We are happy to provide:

Security questionnaires
Architecture overviews
Vendor onboarding documentation
Direct discussions with our technical leadership

For security inquiries, contact: support@bomdata.io