boole.
Security · Compliance · India-region

Built for procurement.

Universities don’t buy software they can’t pass through information-security review. Here’s every question you’d ask, with the answer up front.

01
Compliance

Aligned with the rules that matter for Indian higher ed.

  • UGC-DEB

    Sensei only recommends UGC-DEB approved online programmes. Every recommendation is grounded in the published University Grants Commission directory; the agent says 'confirm from the data' rather than fabricate when an entry isn't there.

  • DPDP Act 2023

    Boole processes student personal data on the lawful basis of consent. We give universities the controls they need to honour data principal rights (access, correction, erasure, and grievance) under the Indian Digital Personal Data Protection Act.

  • NAAC alignment

    Comparison data, fee ranges, and accreditation levels shown by Sensei map to NAAC-published values. Updates flow within 24 hours of NAAC re-accreditation.

02
Data residency

Student data stays in India.

  • Primary storage

    All student personal data is stored in India-region infrastructure (GCP asia-south1 / asia-south2). Backups never leave the region.

  • AI inference

    Inference runs on India-region endpoints when available (Vertex AI asia-south1). Where a model is only available outside India, no PII crosses the boundary. We send anonymised, derived inputs only.

  • Logs & telemetry

    Application logs, traces, and analytics stay in the India region, with no shipping to third parties outside the region.

03
Encryption

Encrypted in transit, encrypted at rest.

  • In transit

    TLS 1.3 between every client, edge, agent, and database. HSTS enforced. No mixed-content paths.

  • At rest

    AES-256 on all primary databases, object storage, and backups. Customer data is logically segregated; per-tenant keys for sensitive fields.

  • Secrets

    All secrets stored in GCP Secret Manager with rotation. No long-lived credentials on disk; workload identity for service-to-service auth.

04
Access & audit

Least privilege, every action logged.

  • Authentication

    MFA enforced for every Boole employee with access to student data. SSO via Google Workspace; access reviewed quarterly.

  • Authorisation

    Role-based access aligned to the customer's own roles. Counsellors see escalations only; ops sees agent health; founders see funnel state. No 'admin sees everything' default.

  • Audit log

    Every prompt edit, every agent action, every record read or written by a Boole employee is logged with actor, timestamp, and reason. Logs are exportable to the customer's own SIEM on request.

05
Trajectory

Where we’re headed.

  • SOC 2 Type II

    Type I evidence collection underway. Type II window opens once we have six months of operational evidence. Target audit completion: H2 2026.

  • ISO 27001

    Scoped for 2027. Will follow SOC 2 Type II as the second formal certification.

  • Penetration testing

    Annual third-party penetration testing scheduled. Reports available under NDA to procurement teams.

06
Subprocessors

Every third party that touches your data.

| Subprocessor | Purpose | Region |
| --- | --- | --- |
| Anthropic | Claude inference (long-form reasoning, writeback) | US (anonymised inputs only) |
| OpenAI | Fallback inference for select skills | US (anonymised inputs only) |
| Google Cloud Platform | Compute, storage, Vertex AI inference | asia-south1 (Mumbai) |
| Vercel | Edge hosting for marketing surfaces | Global edge (no PII) |
| Pinecone | Vector store for retrieval-augmented context | asia-south1 |
| Razorpay | Payment processing (Ledger) | India |

Have a security question we haven’t answered?

Procurement teams: drop us your security questionnaire and we’ll return it filled in within five working days.