> ## Documentation Index
> Fetch the complete documentation index at: https://bulkgrid.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Security and Data Handling

> Understand the current security posture customers should assume when integrating Bulkgrid.

Customers evaluating Bulkgrid for production will expect answers about secrets, data boundaries, and operational hygiene.

## Authentication security

* API keys are sent using the `x-api-key` header
* keep keys on the server side
* rotate keys through your own secret-management workflow when needed
* never expose Bulkgrid credentials from browser code

## Customer-side responsibilities

Customers should:

* scope Bulkgrid usage through backend services
* log access and job history in their own systems
* avoid sending secrets through headers or content unless explicitly required and approved
* review which sources are being ingested and why

## Data handling expectations

The current docs should avoid making claims the platform has not formally documented yet. For now, customers should assume that data handling and retention details must be clarified explicitly before production rollout for sensitive use cases.

## This page should eventually include

* retention policy for results and result content
* storage and deletion expectations
* support for sensitive or regulated data boundaries
* customer-visible security controls and contact path