Data & Security
Built so a person approves everything before it goes out.
Most AI tools route your client data through servers you don't control, under terms you didn't negotiate. W&S is built differently. AI drafting runs through a disclosed provider we name in your engagement, configured for zero retention, and we show you exactly where your data flows before you sign. On-premise inference is on our roadmap; we will tell you where your deployment runs today. And nothing goes out on its own: a person on your team approves every outbound action before it sends, enforced by the system, not by policy.
How we handle your data
We show you exactly where your data flows.
AI drafting runs through a disclosed provider we name in your engagement, never silently. We map and document the data path before you sign, and W&S is built so inference can move on-premise as that becomes part of your engagement.
A person approves every outbound action.
Paige drafts; she never sends on her own. A reviewer on your team reads, edits, or rejects every draft before it goes out. That approval gate is enforced by the system, not by a policy we ask you to remember.
W&S does not keep your client content.
W&S does not receive a copy of your client communications or documents in the normal course of work. When we log in remotely to update your system, we connect to the automation configuration, not to your inbox or its contents. Content is sent to our disclosed AI provider only to complete the task under zero-retention terms, not retained by us as a record.
The only thing that reaches us is telemetry.
Our management connection sees system health, software versions, and queue depth. Never content. At setup we map and document the exact data path, including our disclosed AI provider, and show your team how to verify it.
You own the credentials.
Every OAuth token, API key, and access credential we configure is issued to you, not to us. If you cancel, you retain access to everything. We don't hold credentials you can't revoke.
Remote access is scoped and logged.
When we connect remotely to update or improve your automation, we use a minimal-permission connection limited to the automation system. We document every remote session in a shared log you can review.
You get a written audit runbook.
Every install ships with a client-owned audit runbook: what is logged and where, who has access, patch cadence, encryption, and the incident process. It answers the questions an IT or compliance reviewer will ask, and it shows your team how to re-verify the setup any time.
What “enforced by the system” actually means
Anyone can promise a human stays in the loop. Here is what that means in our build. These controls live at the database layer, underneath the application, so they hold even when software above them has a bug.
- 01
The approval rule lives in the database, not in the app.
The permission to mark a draft approved or sent belongs to a separate approver role inside the database itself. The drafting system never holds that role. The database checks who is asking before the change is allowed, so even a bug in the software cannot push a draft out.
- 02
The audit log cannot be edited, by anyone.
Every action is written to an append-only log. The database blocks edits and deletions to that log outright, W&S included. The record your compliance reviewer sees is the record of what actually happened.
- 03
Each firm's data is walled off at the database layer.
Isolation is enforced with row-level security. A request that has not proven which firm it belongs to sees nothing at all. Separation is the default, not a filter someone has to remember to apply.
- 04
Stored credentials are encrypted.
Every token and key is encrypted at rest with AES-256-GCM and decrypted only at the moment of use. Raw credentials never appear in logs, and a failed decryption stops the job rather than proceeding.
- 05
Sent means verified sent.
After a send, the system confirms the message actually exists in your sent mail before marking it sent. If that check fails, the item stays flagged for review instead of being assumed fine.
What we can honestly say
We don't make compliance claims we can't back up. Here is the plain-English status of every security posture a prospective client has asked us about.
| Claim | Status | What it means |
|---|---|---|
| Disclosed AI provider | Live | AI drafting routes through OpenRouter (a disclosed subprocessor) configured for zero retention. We map and document the data path in your runbook before you sign. On-premise inference is a roadmap item; we will tell you where your deployment runs today. |
| No W&S data storage | Live | W&S does not keep copies of your client emails or documents. Only telemetry reaches us; content is sent to our disclosed provider only to complete the task, not retained by us as a record. |
| Credential ownership | Live | You hold all API keys and OAuth tokens. Fully revocable if you cancel. |
| Remote access logging | Live | Every remote session documented in a log shared with the client. |
| E&O insurance | In progress | W&S Consulting LLC is a registered Georgia LLC, effective May 2026. E&O coverage is being procured. |
| AICPA SOC 2 | N/A | SOC 2 certifies a cloud provider's controls. Our disclosed AI provider (e.g. OpenRouter) is a named subprocessor whose own terms we share with you, rather than W&S-operated infrastructure your IT team would audit directly. |
| HIPAA | N/A | W&S does not receive Protected Health Information (PHI): the only thing that reaches us is system telemetry, never content. For PHI workloads we scope the data path explicitly with your compliance reviewer before onboarding. Contact us before onboarding if your practice handles PHI. |
Why disclosure changes the security calculus
Cloud AI tools have one vendor controlling your data. You read their privacy policy, accept their terms, and hope for the best when there's a breach. Your data is part of a shared infrastructure someone else manages, and you often cannot say exactly where it goes.
We name our provider in writing, configure it for zero retention, and put a person on your team in front of every send. On-premise inference is on our roadmap, and we will tell you exactly where your deployment runs today, before you sign anything.
The tradeoff: you need us to come in person to set it up and maintain it. That's a feature, not a bug. It means we know exactly what we shipped, and so do you.
Security questions we get
Can Paige send an email without a human approving it?▾
What happens to my data if I cancel?▾
Can W&S read my clients' emails?▾
What happens when something breaks?▾
Do you use any third-party AI services?▾
Is this appropriate for CPA firms with client PII?▾
Still have questions about data handling?
Book a 15-minute call. We'll walk through the exact data flow for your firm's setup, with no slides, no disclaimers, just the real architecture.