Security & data handling
I work inside your environment, in your region, under an NDA and a data processing agreement signed before I touch anything. The short version is below, and I am happy to complete your security questionnaire and sign your paper.
I work inside your cloud and your warehouse. Your data is not copied out to a tool of mine. Access is granted for the engagement, scoped to what the work needs, and revoked when it ends.
Processing is region-pinned to wherever you need it, the EU, the UK, or elsewhere, on infrastructure you own, under the regime that applies to you, GDPR or UK GDPR. Where a model is involved it runs configured for no training and no retention. Personal and payment data stays in systems you control.
An NDA and a data processing agreement are signed before access is granted, and that access is least-privilege and time-boxed. I sign your paper, not only mine, and keep a standard DPA and a current sub-processor list ready to send.
Continuity
I document and hand over as I build: runbooks, definitions, and code your team can read. Your people can run and change it without me, through a board crunch or a diligence sprint, whether or not I am around. I stay accountable, and you always get me on calls. When a job needs a skill I do not carry, I bring in trusted operators only with your prior approval and under the same NDA, and you deal only with me.
Enter the BI is the practice. Trapezium Tech Solutions is the entity on the invoice. Neither decides where your data sits: it stays in your cloud, in your region, processed under your DPA, no matter where the company is registered. The AI layer runs under the same access boundary a person would, with row-level security in the warehouse and every answer traceable to its source. More on how the AI layer is governed.
I will fill it in, sign your DPA, and work inside your environment, under whatever your policy needs. If you want a reference first, I'll put you in touch with a finance leader I've worked with.
Book a call