Bardo does the work to understand what was bought
We ask for read-only access to your accounts payable data, including invoices and receipts, so we can build an activity-level, assurance-ready inventory. This page explains exactly what we ingest, how access works, and which safeguards apply.
Contacts
security@bardo.se
dpo@bardo.se
*Legal terms live in the DPA and your order form

Our ask, clear and specific
Accounts Payable metadata
Purchase orders and supplier master
Invoices and receipts, PDF, XML, EDI, images
Shipment and route data where relevant
Your data always stays securely within your approved environment.
We read from your ERP and accounting systems without altering or disrupting them.
Processing is designed to exclude personally identifiable information (PII).
Your data is used exclusively for your purposes — never to train external or third-party models.
IP allowlisting, cloud-native firewalls, zero-trust architecture, immutable audit logs
Data flow and access model
Bardo accepts uploads through SFTP, secure file drop, or authenticated API endpoints, all over TLS
Optional private link or VPN with IP allowlisting for customers with elevated data isolation requirements
Secure, read-only integrations to major ERP systems. We never write back or alter records
Files are received in an encrypted, segregated environment
Financial documents are read, normalized, and converted into structured activity data
Each activity is matched to a supplier-specific or evidence-based emission factor, with source lineage maintained
Results are committed to your Carbon Footprint Inventory, with full traceability from transaction to factor
Exports and the Bardo Viewer app read from the inventory only, no external data movement

Core safeguards
Controls mirror the Trust Center; see the Trust Center for full detail.
Secure development and operations

Data protection and privacy
GDPR compliant DPA with SCCs where applicable
Data deletion or return within 90 days of termination
Transparent subprocessor list at /security/subprocessors with change notifications
AI safeguards, no provider training rights on customer data
Security
Human in the loop quality operations
Every queue is monitored by specialists. Every corner case or uncertainty is flagged and corrected. Decisions are written back to the inventory and into a training data store that improves the models (customer data is never used to train external or third-party models, as stated above).

What enters review
Capture exceptions, unreadable docs, missing fields
Mapping uncertainty, categories, units, route or model detection
Factor selection conflicts and scope boundary checks
Generated LCAs that require assumptions
Controls
Role based approvals and four eyes for sensitive changes
Immutable logs with user, time, before and after snapshots
SLA targets: queue response within one business day; critical exception resolution within five business days


What you see
Queue status and change logs
Uncertainty trend by category and supplier
Factor specificity mix by ran

Data minimisation and redaction
AI and model safeguards
What security teams ask, answered
Our platform is designed for secure, read-only ingestion, typically through encrypted batch uploads or integrations. All data handling follows EU-based storage, strict access controls, and documented deletion procedures.
Can you guarantee read only?
Yes. Bardo never writes to or modifies client systems. We ingest data via secure batch transfer (SFTP, object storage, API, or file drop) under read-only credentials. Access is time-bound, least-privilege, and reviewed quarterly with your team.
How do you separate tenants?
Each customer operates in a logically isolated environment with separate encryption keys, access policies, and audit logs. Data is hosted in EU-only Azure infrastructure, aligned with ISO 27001 and SOC 2 practices.
How do you prove lineage?
Every emission result includes a traceable chain from transaction → activity → factor, with immutable logs. You can verify this lineage directly in the Viewer app or export it as part of your audit package.
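One way to implement the two controls described on this page, immutable logs with user, time and before/after snapshots, and a verifiable transaction → activity → factor lineage, is a hash-chained append-only log in which every entry commits to the hash of the entry before it. The following is an added illustration, not Bardo's own code: the record layout, the field names, the constructed invoice line and the emission factor value are assumptions made for the example.

```python
"""Hash-chained audit log with transaction -> activity -> factor lineage.

Added illustration, not Bardo's code. Field names, the constructed invoice
line and the constructed emission factor are assumptions for the example.
"""
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash of the very first entry


def canonical(obj) -> str:
    """Deterministic JSON so the same record always hashes to the same value."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"))


def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


class AuditLog:
    """Append-only log. Each entry stores user, time, action and immutable
    before/after snapshots, plus the previous entry's hash, so editing or
    deleting any earlier entry breaks the chain from that point on."""

    def __init__(self):
        self.entries = []

    def append(self, user, action, before, after, when=None):
        prev_hash = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {
            "seq": len(self.entries),
            "time": (when or datetime.now(timezone.utc)).isoformat(),
            "user": user,
            "action": action,
            # JSON round-trip makes the snapshots copies, not live references
            "before": json.loads(canonical(before)),
            "after": json.loads(canonical(after)),
            "prev_hash": prev_hash,
        }
        entry = dict(body, hash=sha256_hex(canonical(body)))
        self.entries.append(entry)
        return entry

    def verify(self):
        """Return (True, None) if the chain is intact, else (False, index of
        the first entry whose hash or prev_hash no longer matches)."""
        prev_hash = GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "hash"}
            if body.get("prev_hash") != prev_hash or sha256_hex(canonical(body)) != entry["hash"]:
                return False, i
            prev_hash = entry["hash"]
        return True, None


# Constructed sample inputs (hypothetical, not real customer data).
INVOICE_LINE = {"invoice_id": "INV-1001", "line": 1, "description": "Diesel fuel",
                "quantity": 500, "unit": "L", "supplier_id": "SUP-42"}
FACTOR = {"factor_id": "F-DIESEL-2023", "source": "supplier declaration",
          "unit": "kgCO2e/L", "value": 2.68}


def build_inventory_entry(log, user, line, factor):
    """Run one invoice line through transaction -> activity -> factor -> result,
    logging a before/after snapshot at every step."""
    source = {"invoice_id": line["invoice_id"], "line": line["line"]}
    # 1. transaction -> activity (normalisation into structured activity data)
    activity = {"activity_id": f"ACT-{line['invoice_id']}-{line['line']}",
                "category": "fuel combustion", "quantity": float(line["quantity"]),
                "unit": line["unit"], "source_transaction": source}
    log.append(user, "normalise", before=line, after=activity)
    # 2. activity -> factor (match, keeping the factor's source lineage)
    matched = dict(activity, factor_id=factor["factor_id"], factor_source=factor["source"])
    log.append(user, "match_factor", before=activity, after=matched)
    # 3. factor -> result committed to the inventory
    result = dict(matched, kg_co2e=round(activity["quantity"] * factor["value"], 3))
    log.append(user, "commit_result", before=matched, after=result)
    return result


def lineage_for(log, invoice_id, line_no):
    """Walk the log and return, oldest first, the actions that produced the
    result for one source transaction."""
    wanted = {"invoice_id": invoice_id, "line": line_no}
    return [e["action"] for e in log.entries
            if isinstance(e["after"], dict) and e["after"].get("source_transaction") == wanted]


def tamper_demo():
    """Show that a silent edit to a committed result is detected by verify()."""
    log = AuditLog()
    result = build_inventory_entry(log, "analyst@example.invalid", INVOICE_LINE, FACTOR)
    ok_before, _ = log.verify()
    log.entries[2]["after"]["kg_co2e"] = 1.0  # out-of-band edit, no new entry
    ok_after, first_bad = log.verify()
    return result["kg_co2e"], ok_before, ok_after, first_bad


if __name__ == "__main__":
    print(tamper_demo())
```

The snapshot copies in `append` matter: if the log held live references to the working dicts, a later edit to a result would silently change the logged "after" value as well. With the hash chain, an auditor re-running `verify()` over an exported log gets the same answer as the Viewer, which is what makes the lineage checkable rather than merely asserted.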
What is your data retention policy?
We retain uploaded data only as long as your subscription remains active. Upon termination, all data is securely deleted or returned within 90 days in line with GDPR and our DPA.
Do you support BYOK?
Yes, available for enterprise customers via Azure Key Vault. All data at rest is encrypted with AES-256 and in transit with TLS 1.2+, regardless of the key management setup.
