Button Text

Built to Handle the World's Most Sensitive Financial Data

Built by engineers with experience handling mission-critical financial datasets, security isn't an afterthought—it's our foundation.
Data Usage Guarantees
We never use your data to train our generative models. Your data is used exclusively for your insights, maintaining complete data privacy.
Third-Party Integrations
Encrypted data interactions that deliver private and exclusive responses. Your data pipelines are always protected and subject to our secure integration protocols.
Core Security Pillars
Industry-Leading Encryption
All data is encrypted in transit and at rest. Your data is stored using industry-leading encryption and security protocols to safeguard it from unauthorized access.
Strict Access Controls
Data is stored in isolated infrastructure sections to maintain complete separation from other customers. Only authorized personnel with verified credentials can access your data, ensuring your privacy is protected.
Compliance & Best Practices
We comply with global data protection standards (including GDPR, CCPA, etc.), to ensure your rights and privacy are always upheld. Customers can easily manage privacy settings, request access to information, or choose to delete data at any time.

FAQs

How does Brightwave keep my data secure?

We take data protection extremely seriously. All data is encrypted with industry-standard protocols (SSL for in transit, AWS KMS for data at rest). Okta single sign-on (SSO) gates our core systems and user privileges are tightly managed with programmatic Access Control Lists (ACLs).

Does Brightwave use our data to train its models? 

No. Your data is used exclusively for your own insights and is never shared or used to train our models.

How do you handle sensitive information?

We protect your data with industry-leading encryption and security protocols, ensuring access is granted only to authorized personnel. You have full control over your privacy settings and can request access to your information or delete it at any time. We comply with global data protection standards (e.g., GDPR, CCPA) to uphold your rights and privacy.

Is Brightwave compliant with major security standards?

We are actively pursuing our SOC 2 Type 2 report and already adhere to industry-leading security frameworks. Our team includes deeply experienced security and infrastructure experts, with backgrounds spanning regulated exchanges and clearinghouses and security expertise at multi-billion financial planning companies. We also perform annual third-party penetration tests and regularly audit our code dependencies for vulnerabilities.

What is your approach to third-party risk management?

We carefully vet all third-party providers (e.g. hosting or logging services) to ensure they meet our strict security and compliance standards. Our due diligence includes verifying recognized certifications (e.g., SOC 2, ISO 27001), reviewing technical controls, and requiring contractual data protection obligations. We perform ongoing monitoring and periodic audits to ensure our third-party providers remain in compliance with our high security standards.

How long do you store my data, and can it be deleted?

By default, we retain customer data indefinitely to allow users to revisit historical analysis. However, you can request data deletion at any point (including upon offboarding) to ensure your information is removed from our systems.

What kind of support and training does Brightwave provide?

Our team is available via dedicated support channels for quick responses to any technical or product-related questions. Additionally, we provide tutorials, webinars and detailed documentation as needed to ensure your team is fully equipped to leverage Brightwave’s capabilities from a security and compliance perspective.