Evidence-first cyber governance for regulated service firms
Client Login

Security & Privacy

You share sensitive material with us. Here is how we protect it.

Last updated: March 14, 2026

Regulated firms deserve clear answers before sharing questionnaires, evidence, or scoping details with any vendor. This page explains what Borealis collects, how we handle it, and what happens when a link takes you from this site into Aurora Command.

Start here, then use the formal legal notices for the operative terms.

Book a 30‑Minute Program Review Read the Privacy Policy
AT A GLANCE
  • Scoping materials stay within Borealis review and delivery workflows
  • Analytics stay off until you grant consent
  • Supported browser privacy signals keep optional analytics and marketing off
  • Aurora links open in a new tab so the handoff is visible and reversible
  • Procurement questions get a direct, specific answer

Your materials stay scoped to the review

Questionnaires, screenshots, and draft evidence shared during a program review stay within Borealis review and delivery workflows. We do not share them outside that context without permission or a governing agreement.

Analytics are consent-gated

Marketing tags and site analytics remain off until you allow them. Supported Global Privacy Control signals also keep optional analytics and marketing off. The site works fully without that consent. Contact and scheduling forms collect only the information needed to respond. Public opt-out details are on the Privacy Choices page.

Aurora handoffs are deliberate

Client Login and Aurora tour links open in a new tab so the shift from this site to Aurora Command is visible, intentional, and easy to reverse. No silent redirects.

What this site collects

  • Name, work email, company, optional phone, and notes you submit through scheduling
  • Contact-form details needed to respond to your message
  • Basic analytics only when your cookie settings allow it

How we use it

  • To schedule a program review or respond to a specific question
  • To send calendar invites, follow-up notes, and scoping information
  • To understand which pages are useful, if analytics consent is granted

What this page does not do

  • Replace the formal Privacy Policy or any service agreement
  • Provide legal, tax, or accounting advice
  • Guarantee compliance outcomes from Aurora Command alone

Our commitments

  • We never share your scoping materials, screenshots, or draft evidence outside the Borealis delivery context without permission.
  • We collect only the minimum information required to schedule, scope, and respond.
  • Cookie-gated analytics remain off until consent is granted, and supported browser privacy signals keep optional analytics and marketing off. The site works fully without it.
  • When a conversation moves into Aurora Command, the purpose is controlled evidence sharing, not a generic portal redirect.

Aurora Command

What the Aurora handoff is actually for

Aurora Command is where the maintained evidence set lives. Borealis links into that system when a client needs a product tour, controlled reviewer access, or a structured proof conversation.

Aurora Command screenshot showing control-to-framework mapping with evidence counts and freshness indicators. Governance + reuse Mapped once Evidence-linked Freshness visible

Governance Mapping

Map one control set to every reviewer context

Aurora Command keeps control coverage, evidence counts, and framework mapping in one working view instead of across spreadsheets.

  • Control-level mapping stays tied to evidence.
  • Framework overlap does not create duplicate work.
  • Stale items are visible before a reviewer notices.
Aurora Command screenshot showing evidence freshness timing, approvals, and current versus expiring status indicators. Monthly cadence Approval trail Current / expiring / stale

Freshness + Timing

Keep evidence current between review cycles

Aurora Command surfaces freshness timing, approval history, and review status so Borealis can run a calm monthly cadence instead of a last-minute scramble.

  • Good evidence has an owner, a date, and a refresh cadence.
  • Review cycles stop depending on memory and inbox searches.
  • Borealis uses this to keep the program organized for review year-round.
Aurora Command Trust Center access screen showing access-code entry and request-access form. Controlled sharing Access request workflow Believable reviewer handoff

Trust Center Access

Share proof through a controlled handoff

Aurora Command uses controlled access workflows instead of loose attachments, so buyers and reviewers get the right evidence without losing track of what was shared.

  • Cross-domain handoffs feel deliberate instead of abrupt.
  • Useful when procurement or diligence reviewers need selective access.
  • Supports a controlled proof handoff without email chaos.
Tour Aurora Command Ask a Procurement Question

Real Aurora Command screenshots showing why Borealis uses a purpose-built system of record instead of email attachments.

Have a specific procurement or privacy question?

Tell us exactly what the reviewer needs. We will respond with a direct answer, not a policy dump.

Book a 30‑Minute Program Review Email Borealis