Built to Handle the World's Most Sensitive Financial Data



FAQs
We take data protection extremely seriously. All data is encrypted with industry-standard protocols (SSL for in transit, AWS KMS for data at rest). Okta single sign-on (SSO) gates our core systems and user privileges are tightly managed with programmatic Access Control Lists (ACLs).
No. Your data is used exclusively for your own insights and is never shared or used to train our models.
We protect your data with industry-leading encryption and security protocols, ensuring access is granted only to authorized personnel. You have full control over your privacy settings and can request access to your information or delete it at any time. We comply with global data protection standards (e.g., GDPR, CCPA) to uphold your rights and privacy.
We are actively pursuing our SOC 2 Type 2 report and already adhere to industry-leading security frameworks. Our team includes deeply experienced security and infrastructure experts, with backgrounds spanning regulated exchanges and clearinghouses and security expertise at multi-billion financial planning companies. We also perform annual third-party penetration tests and regularly audit our code dependencies for vulnerabilities.
We carefully vet all third-party providers (e.g. hosting or logging services) to ensure they meet our strict security and compliance standards. Our due diligence includes verifying recognized certifications (e.g., SOC 2, ISO 27001), reviewing technical controls, and requiring contractual data protection obligations. We perform ongoing monitoring and periodic audits to ensure our third-party providers remain in compliance with our high security standards.
By default, we retain customer data indefinitely to allow users to revisit historical analysis. However, you can request data deletion at any point (including upon offboarding) to ensure your information is removed from our systems.
Our team is available via dedicated support channels for quick responses to any technical or product-related questions. Additionally, we provide tutorials, webinars and detailed documentation as needed to ensure your team is fully equipped to leverage Brightwave’s capabilities from a security and compliance perspective.