Data Sharing

Last updated: January 12, 2026

This page explains how HAIEC shares data with third parties and the safeguards we have in place to protect your information.

Our Data Sharing Principles

  • We never sell your personal data
  • We never share data for advertising purposes
  • We never use your data to train AI models
  • We share data only as necessary to provide our services

Data We Never Share

  • Assessment responses: Your compliance assessment answers are never shared with third parties
  • Source code: Code analyzed by our security scanner is never shared or retained
  • Compliance reports: Your generated reports and certificates are private to you
  • AI model providers: We don't send any data to OpenAI, Anthropic, or other AI services

When We Share Data

We share data only in the following limited circumstances:

Service Providers (Subprocessors)

We share data with our subprocessors (listed on our Subprocessors page) who help us deliver our services. All subprocessors are contractually bound to protect your data.

Legal Requirements

We may disclose data if required by law, court order, or government request. We will notify you unless legally prohibited from doing so.

With Your Consent

We may share data with third parties when you explicitly authorize us to do so, such as when you choose to share a compliance badge or report.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. We will notify you of any such change.

Public Badges and Reports

Note: When you choose to display a HAIEC compliance badge on your website or share a public report link, that information becomes publicly accessible. This is an intentional feature that you control.

  • • Badge status (e.g., "Evidence Ready") is visible to anyone who views the badge
  • • Public report links can be accessed by anyone with the link
  • • You can revoke public access at any time from your dashboard

International Data Transfers

Our services are hosted in the United States. If you are located outside the US, your data will be transferred to and processed in the US. We rely on Standard Contractual Clauses (SCCs) and other appropriate safeguards for international data transfers.

Related Policies

Privacy Policy Responsible AI Subprocessors Terms of Service

Questions?

If you have questions about our data sharing practices, please contact us at privacy@haiec.com.