We at Betteryields want to ensure secure and compliant use of AI by prioritizing data privacy, transparency, and user control — so engineers can work efficiently without compromising trust.
Key Principles
Trusted AI Execution
The Yieldmanager runs all core AI features in a trusted environment: either locally on the user’s machine, on the company's network, or on our own private server. This means:
No mandatory connection to cloud services
Functionality even in offline environments
All remote models used in our software are hosted in Germany and other European data centers to ensure compliance with regional data protection standards.
Explicit Consent for Data Sharing
Sensitive data is never processed outside your organizational network unless:
The user explicitly confirms the action.
A clear prompt explains what data is involved and where it would be sent.
The transfer is logged and attributed to the confirming engineer.
Transparent and Auditable Data Flows
We want to ensure that:
All data transfers—local, network-based, or cloud-related—are fully logged.
Authorized team members can access transfer logs at any time.
Nothing is hidden, automatic, or untraceable. Users retain complete visibility into how their data is used.
Built-In Compliance
The Yieldmanager is built to support:
GDPR (General Data Protection Regulation) standards for data privacy.
IP protection, especially for proprietary process data or experimental results.
IT security policies, including user access controls, audit trails, and data minimization.
Additional Trust-Building Measures
Prepared for European AI Act Compliance
The Yieldmanager is built in alignment with the requirements of the European AI Act:
All AI functionality is transparent, explained, and subject to human oversight.
Any high-risk components are clearly documented and verifiable.
Data processing, audit trails, and fallback mechanisms follow the principles of accountability and safety by design.
Designed to support future regulatory reporting, documentation, and conformity assessment obligations.
Role-Based Access Control (RBAC)
Administrators can assign precise roles and access rights:
Restrict export or editing permissions.
Control access to AI modules or sensitive experiment data.
Ensure users only access the data and tools needed for their role.
In-Product Privacy Dashboard
A dedicated dashboard within the software provides:
Real-time visibility into locally stored and processed data.
A record of data exports and AI module usage.
An audit-friendly summary for compliance teams and IT administrators.
Offline Mode
For customers operating in highly regulated or sensitive environments:
The Yieldmanager can be fully deployed without internet access.
Updates and AI models are delivered via signed offline packages.
This ensures full control and minimal external exposure.
Ethical AI Commitments
The Yieldmanager is built around responsible AI usage:
No use of customer data for external model training.
No behavioral analytics or tracking by default.
Strict internal guidelines prohibit any monetization of user data.
Customer-Controlled Updates
Software updates are completely under user control:
Updates are never pushed automatically.
Teams can test updates in sandbox environments if required.
Each update includes a clear changelog detailing features, fixes, and security notes.
Third-Party Security Certifications
To reinforce security assurance and transparency:
Regularly audited by independent cybersecurity firms.
Certification roadmap includes ISO/IEC 27001, TISAX, and equivalent frameworks.
Results of penetration tests and audit summaries are available under NDA.