Security Overview

BillboardIQ uses role-based permissions and tenant-specific access boundaries to limit what users can view, create, edit, audit, or supersede. Access is designed to reflect real operational roles across MCG teams and client teams.

Customers should assign permissions conservatively, review them regularly, and remove access promptly when roles change or users leave the organization.

The platform is designed to preserve operational accountability through timelines, history views, audit indicators, revision controls, and approval state tracking. That model reduces silent changes and makes it easier to understand how records evolved over time.

This auditability is especially important in modules such as contracts, board roster records, parts inventory, and maintenance workflows where verified operational truth matters.

We apply reasonable technical and organizational safeguards intended to protect platform information against unauthorized access, misuse, loss, and alteration. That includes controls around service operation, access management, and support practices.

Because customers may store sensitive operational information in the platform, customers should also evaluate their own internal procedures for credential handling, file uploads, user administration, and endpoint security.

Customers remain responsible for the security of their local devices, password hygiene, user lifecycle management, uploaded content, and any external systems they connect or rely on alongside BillboardIQ.

If a customer suspects compromise, misuse, or unauthorized access, they should notify the MCG team immediately so the issue can be investigated and contained.

Prospective and current customers with specific security review requirements can raise them during the sales or onboarding process. Requests for additional documentation, implementation details, or control discussions can be handled directly with the MCG team.