π§° Tool Stack Selection Guide¶
Balancing Openness, Privacy, and Competitiveness
We choose tools that enhance our ability to build privacy-first products β without compromising on quality, velocity, or innovation.
π― Purpose¶
This guide defines how Brax Technologies selects, evaluates, and approves its engineering and operations tools. Our mission is to use technology that enhances our ability to build privacy-first products β without compromising on quality, velocity, or innovation.
We acknowledge that not every domain has the same privacy expectations: our core systems (engineering, devices, users) demand full sovereignty, while business operations sometimes rely on external, cloud-based ecosystems.
π Guiding Principles¶
π Privacy and Control First
- We prefer tools that let us own our data and control our environment.
- Open-source and self-hosted tools are the default choice whenever feasible.
- The key question: "Who controls the data, and what is its potential exposure risk?"
βοΈ Pragmatism and Efficiency
- We make data-driven, context-aware decisions.
- Some workflows (marketing, recruiting) operate in the public domain β cloud tools acceptable when managed with care.
- We minimize data sharing and retain the right to exit or migrate if vendorsβ privacy practices change.
π Transparency and Review
- Every major tool adoption undergoes a lightweight internal review covering technical, privacy, and sustainability considerations.
- Decisions are documented with rationale, risk level, and mitigation steps.
- We maintain a living inventory of our stack and re-evaluate dependencies regularly.
β Tool Selection Criteria¶
When evaluating a new tool or platform, we consider:
| Category | Key Questions | Preferred Approach |
|---|---|---|
| π¦ Data Ownership | Who stores and processes the data? | Self-hosted or private cloud preferred |
| π Privacy Impact | What data is collected and retained? | Minimal, anonymized, auditable |
| π Security | Does it support encryption, MFA, SSO, access controls? | Mandatory for sensitive systems |
| π Open Source | Is it auditable? Whatβs the license? | Prefer open-source with active community |
| π Vendor Lock-In | How easily can we migrate away? | Open standards and exportable data |
| π Performance & Scale | Does it fit our growth model? | Scalable, maintainable |
| π€ AI Integration | Does it expose internal data? | Only if privacy-respecting or self-hosted |
| π’ Business Context | Is the data already public or non-sensitive? | Cloud acceptable under control policies |
π Open Source vs. Cloud Tools¶
β Open Source (Default)
- Full transparency into code and data flows.
- Customizable and aligned with our mission.
- Ideal for core engineering systems: CI/CD, firmware builds, device management, analytics, and AI pipelines.
Examples: GitLab (self-hosted), Matrix/Element, Nextcloud, Grafana, Hugging Face local inference servers.
β οΈ Cloud Tools (Controlled Use)
Some business operations benefit from managed cloud platforms β provided we manage exposure and contractual controls.
We adopt cloud tools when they:
- Do not process user or device data, or
- Handle already public or non-sensitive information (e.g., marketing content, candidate CVs, CRM data), and
- Offer data export and deletion capabilities.
βοΈ Pragmatic Compromises for Business Operations¶
At Brax, compromise never means carelessness β it means we understand the dataβs context and sensitivity. We may use trusted cloud tools for specific business areas where privacy risk is inherent but manageable.
| Domain | Typical Data | Acceptable Cloud Use | Controls |
|---|---|---|---|
| π’ Marketing & Advertising | Website traffic, campaign metrics, lead data | Analytics, SEO tools, ad networks | Use privacy filters, anonymization, consent-based tracking |
| πΌ Sales & CRM | Contact info, business communication | HubSpot, Pipedrive, Salesforce | Limit personal data; enforce GDPR compliance |
| π³ Payment Processing | Billing, transaction metadata | Stripe, PayPal | Tokenized; Brax does not store card data |
| π Recruiting & HR | Applicant resumes, job posts | Greenhouse, Lever | Store only necessary personal data; delete post-hire cycle |
| π± Social Media & PR | Public-facing content | LinkedIn, X, YouTube | No internal or customer data sharing |
| βοΈ Email & Collaboration | Internal discussions, outreach | ProtonMail, Google Workspace (restricted) | Segregate sensitive communication via secure channels |
Key Rule: Cloud tools may be used only where the data is already exposed by nature or is non-sensitive. Internal product telemetry, user data, and system logs remain strictly under Braxβs control.
π€ Artificial Intelligence and Privacy¶
AI adds tremendous capability β but also privacy risk. Our stance remains: use AI, but guard the data.
π AI Usage Principles¶
β Acceptable AI Uses¶
- π» Local AI coding assistants
- π Internal analytics on anonymized telemetry
- βοΈ Marketing content generation (with non-user data)
- π€ Automated documentation and testing tools
π Decision Process¶
- Propose: Engineer or team identifies a need.
- Evaluate: Assess open-source and cloud alternatives using the criteria above.
- Classify Data Sensitivity:
- Level 1: User or device data β Self-host only
- Level 2: Internal but non-sensitive β Cloud with contract controls
- Level 3: Public/business data β Cloud acceptable
- Review: Privacy and security teams approve or reject.
- Trial: Deploy small-scale pilot.
- Document: Record decision and rationale.
- Reassess: Reevaluate every 6β12 months.
π― Conclusion¶
Brax Technologies operates in the real world β where privacy, performance, and business needs must coexist. We protect user trust at all costs while staying agile and competitive through smart tool choices.
π Privacy is our principle. βοΈ Pragmatism is our practice. π€ Trust is our advantage.