Last Updated: May 31, 2026
1. Scope & Definitions
This Privacy Policy outlines the methodologies by which **Baron MentorX** collects, processes, encrypts, and contains data generated during client consulting engagements, website interactions, and remote engineering operations.
As a technology firm integrating cognitive neural networks, mechatronics grids, and Industrial Internet of Things (IIoT) telemetry pipelines, we enforce strict data hygiene. This policy applies to all systems managed under the `baronmentorx.com` domain, local edge controllers, and proprietary testing sandboxes.
2. Telemetry & Data Collection
We limit data collection to parameters essential for running digital systems, optimizing machinery kinematics, or resolving software tickets. The types of datasets processed are divided into:
- Enterprise Telemetry: Anonymized SCADA registry variables, PLC sensor cycles, machine speeds, thermal logs, and latency diagnostics gathered during process audits.
- Operational Inputs: Source code snippets, neural network weight profiles, training metadata, and database structures submitted to our staging sandboxes for diagnostic analysis.
- Client Inquiries: Organization names, hotline callbacks, and specific service domains of interest submitted via consultation requests.
3. Private AI & Telemetry Containment
At Baron MentorX, we maintain a strict **Data Containment Protocol** for all machine learning and artificial intelligence workflows:
- No External Model Training: Your intellectual property, operational logs, and data vectors are never used to train external, public artificial intelligence models.
- On-Premises & Private Cloud Isolations: All training models, convolutional layers, and transformers are compiled and executed inside secure, local Docker containers or client-dedicated private clouds.
- Physical SCADA Segregation: Network telemetry and PLC diagnostics are stored in siloed registers, physically segregated from public internet loops.
4. Cryptographic Standards
We enforce strict cryptographic standards to protect sensitive customer data and operational logs.
- Data in Transit: Encrypted using TLS 1.3 socket configurations for web connections, and mutual TLS (mTLS) with X.509 certificates for IoT telemetry exchanges.
- Data at Rest: Encrypted using AES-256 algorithms. Cryptographic keys are rotated automatically through Hardware Security Modules (HSMs) with strict rotation schedules.
- Zero-Trust Audits: Access control records are written to immutable database logs to prevent unauthorized modifications.
5. Sovereignty & Compliance
Our data storage structures align with international regulatory compliance directives:
- GDPR (General Data Protection Regulation): European client data is stored strictly on sovereign EU cloud nodes, preventing unverified cross-border data replication.
- HIPAA compliance: Medical clinical data and patient registries are logically segregated with encrypted tables, strict audits, and access controls.
- SOC 2 Type II: Access controls, continuous operations logging, and network traffic records conform to security trust principles.
- GxP (Good Practice Guidelines): Production recipe databases and audit trails are logged using immutable ledger databases for regulatory compliance.
6. Your Data Rights
Under global data protection laws (including GDPR and CCPA), clients and users retain specific rights regarding their personally identifiable information (PII):
- Right of Access: You can request a copy of all contact, telemetry, or account logs associated with your organization.
- Right to Rectification: You can correct incomplete database records or outdated callback phone numbers.
- Right to Erasure (The Right to be Forgotten): You can request the permanent deletion of client profiles, support histories, and staging container files, subject to regulatory retention laws.
- Right to Object: You can withdraw consent for telemetry logging or opt out of automated marketing lists.
