The Business Cocoon

Security at The Business Cocoon

The Business Cocoon maintains administrative, technical, and organizational safeguards intended to protect the confidentiality, integrity, and availability of customer data processed through the platform.

Last updated: April 30, 2026

Effective date and scope

Effective Date: April 30, 2026. This page provides a high-level summary of The Business Cocoon security practices and does not amend any contractual security commitments.

Shared responsibility

The Business Cocoon is responsible for security of the services under its control. Customers remain responsible for user access governance, configuration choices, and lawful use of the services within their organizations.

Access control and authentication

Access to production systems and administrative tooling is restricted to authorized personnel on a least-privilege and need-to-know basis. Access entitlements are reviewed periodically and modified promptly when responsibilities change.

Data protection

The Business Cocoon applies safeguards designed to protect customer data in transit and at rest, and maintains controlled operational processes for handling user uploads, assessment responses, generated reports, and workflow history across products.

Monitoring and incident response

The Business Cocoon maintains monitoring and incident response procedures intended to identify, triage, investigate, and remediate security events. Where required by contract or applicable law, affected customers are notified of material incidents.

Subprocessors and vendor risk management

The Business Cocoon engages third-party providers for defined service functions. Providers are selected and managed using risk-based diligence and contractual controls appropriate to the nature of services provided.

  • Role-based access controls and periodic access entitlement reviews.
  • Change management and release controls intended to reduce deployment risk.
  • Backup and recovery practices supporting service continuity objectives.
  • Secure development lifecycle practices, including dependency and vulnerability management.

Changes to this security page

The Business Cocoon may update this page periodically to reflect operational, technical, or legal changes. Material contractual commitments are governed by applicable written agreements.

Security inquiries: ux@businesscocoon.com · Contact