Book Assessment
Back to GovernAI

Privacy and data handling

Confidentiality, data minimisation, and third-party transparency for the GovernAI website.

This notice explains how the public website and 30-minute AI Governance Pulse Check booking flow are intended to handle information from UAE banks, insurers, fintechs, and licensed financial institutions.

Book Your 30-Minute Assessment Review third-party services
Website data handling

Designed for senior, regulated-sector conversations before documents are exchanged.

GovernAI’s public website is not intended to collect regulated datasets, customer files, model artefacts, or confidential control evidence. Those materials should only be shared after a formal engagement scope, appropriate confidentiality arrangements, and agreed delivery channel are in place.

Minimal information at first contact

The 30-minute AI Governance Pulse Check is designed to establish institutional fit and readiness priorities. Visitors should avoid submitting confidential customer data, regulated records, or sensitive internal documents through the public booking flow.

Confidential advisory context

Information shared for scheduling or introductory discussion is used to arrange the meeting, understand the governance topic, and prepare a relevant CBUAE-aligned advisory conversation.

Third-party booking transparency

GovernAI uses Zoho Bookings to display availability and manage appointments. When a visitor uses the embedded calendar or direct booking link, booking data is processed through Zoho’s booking infrastructure.

Security-conscious website operation

The website is served over HTTPS and has been hardened with static security headers, a restrictive browser-permission posture, referrer controls, and a content security policy that keeps third-party exceptions narrow.

Third-party services

Only necessary external services should support the public site experience.

The current public website uses a narrow set of external services for appointment scheduling, media delivery, and basic analytics. The security hardening work has been configured around a least-privilege content security policy so the booking integration can operate without creating broad third-party script permissions.

ServicePurposeRelevant domain
Zoho BookingsAppointment scheduling and calendar availability for the 30-minute AI Governance Pulse Check.governai.zohobookings.com and bookings.nimbuspop.com
CloudFront-hosted mediaDelivery of approved GovernAI visual assets and brand media.d2xsxph8kpxj0f.cloudfront.net
Site analyticsBasic site usage measurement to understand page performance and visitor journeys without creating public pricing or lead-scoring claims.Managed through the hosting analytics endpoint
Visitor guidance

What not to submit through the public booking flow.

For the initial 30-minute AI Governance Pulse Check, please use the booking form only for scheduling details and high-level context. Do not include personal customer data, confidential board papers, regulatory correspondence, production model files, credentials, internal audit findings, or sensitive vendor contracts in the public booking notes.

If deeper review is needed after the call, GovernAI will define an appropriate engagement scope and document exchange approach before sensitive material is requested.

Confidential next step

Start with a controlled conversation, not an uncontrolled data exchange.

The Pulse Check gives senior stakeholders a discreet way to discuss AI governance readiness, board oversight, control evidence, and CBUAE-aligned next steps without sending sensitive records through the public website.

Book Your 30-Minute Assessment