Is Your Data Safe With WAARD?
A security tool that asks you to upload business data has a credibility problem from the start. Why hand more data to another platform just to find out where you stand?
Fair question. We get it every week.
This is how we answer it.
Where the data lives
Your data is hosted in the EU. It does not leave. No transfer to the US, no cross-border replication, no quiet backup to a region you did not approve. The hosting provider sits inside the EU and is bound by GDPR.
That matters in the conversation with your data protection lead. It matters when an auditor asks. And it matters because the alternative, US cloud regions or unclear routing, ends a GDPR review before it starts.
You decide what we keep
Two principles drive how we treat your data.
First: it is yours. If you want it gone, it is gone. Every record and every file you upload is deletable directly from the account. No support tickets. No 30-day backup window where the data lingers somewhere. When you press delete, it leaves the database and the blob storage at the same time.
Second: we do not train on it. Most work that touches your data runs on language models we host ourselves, on infrastructure inside the EU. Where we rely on an external model, we only use European providers that are contracted not to train on customer data. Either way, nothing you upload ends up in someone else's training set.
Defence in depth at every layer
Encryption is not one thing. It is several layers that all have to hold for data to stay safe. WAARD applies it at each one:
- Row-level encryption: each row in the database is encrypted, not just the disk underneath it. If someone got read access to the raw tables, they would see ciphertext.
- Blob storage encryption: files you upload (PDFs, evidence documents, policy exports, scan results) are encrypted at rest in storage. The same goes for any backups.
- Sensitive information masking before any model call: before a language model ever sees a prompt that includes your data, sensitive fields are masked. Names, email addresses, internal identifiers, and other personal data are replaced with placeholders. The model answers about a structured pattern, not about a real person.
If one layer is bypassed, the next one still holds. That is the point.
How accounts and access work
Two controls keep accounts honest.
- One-time codes at signup: there is no email and password combination to leak. You receive a one-time code by email, enter it, and you are in. No password to phish, no reuse risk from a breach somewhere else on the internet.
- Role-based access inside your organisation: you decide who sees what. Roles range from read-only auditor to full admin, with permissions you can tune in between. The default is least privilege. Adding people does not flatten your security posture.
What this looks like in practice
When you upload a policy document, an asset list, an incident note, or evidence for an audit, four things are true at the same time:
- It is encrypted at the row level and at the storage layer.
- It never crosses an EU border.
- It is never used to train a model.
- You can delete it at any time, immediately and completely.
That is the floor we hold ourselves to, not a future roadmap item. It is how the platform is shipped today.