Security & Data Privacy

As a service business, you handle sensitive client information every day — personal details, documents, and confidential records. We take the security of that data as seriously as you do. Here is exactly how WIDEN AI protects your business and your clients.

1 Data Storage & Infrastructure

Your business data is stored securely using modern cloud infrastructure with multiple layers of protection.

Hosting

Hosted on Railway cloud infrastructure with enterprise-grade reliability and automated backups.

Encryption in Transit

All data transmitted between your browser and our servers is encrypted using TLS/SSL (HTTPS).

Encryption at Rest

All database storage is encrypted at rest, ensuring your data is protected even at the infrastructure level.

Data Isolation

Each user's data is completely isolated through strict user-level access controls. No user can access another user's data.

Multi-tenant isolation: Every database query in WIDEN AI is filtered by your unique user ID. Your emails, clients, documents, and notes are never mixed with or visible to any other user on the platform.

2 Email Security

We understand that email access is one of the most sensitive permissions you can grant. Here is how we handle it responsibly.

Gmail — OAuth 2.0: When you connect your Gmail account, we use Google's official OAuth 2.0 authentication. We never see, store, or have access to your Google password. You authorise specific permissions through Google's own consent screen.
IMAP — AES-256 Encryption: For IMAP email connections (Outlook, Yahoo, custom providers), your credentials are encrypted with AES-256 encryption before being stored. They are only decrypted in memory during email sync operations.
Read-only by default: WIDEN AI only reads your emails to classify and organise them. We never modify, delete, or send emails from your account without your explicit action (such as clicking "Send Reply" or "Send Follow-up").
Disconnect anytime: You can disconnect your email account at any time from the Email Manager settings. This immediately removes all stored tokens and credentials.

Your email, your control. We sync your emails to help you manage leads and clients more efficiently. Every send action requires your explicit approval — we will never send an email on your behalf without you clicking the button.

3 AI Processing

WIDEN AI uses advanced artificial intelligence to classify emails, extract documents, and draft replies. Here is how we ensure your data stays private during AI processing.

Powered by Anthropic's Claude AI: We use Claude, one of the world's most advanced and safety-focused AI models, for all AI features including email classification, document extraction, and reply drafting.
No data storage by AI provider: Anthropic does not store, retain, or use your data for training purposes. Data sent to Claude for processing is handled in real-time and discarded after the response is generated.
Minimal data sent: We only send the minimum necessary context to the AI for each task. For example, when classifying an email, only the email content is sent — not your entire inbox or client database.
No third-party sharing: Your data is never shared with, sold to, or accessed by any third party beyond the essential AI processing described above.

Anthropic's commitment: Anthropic's commercial API terms explicitly state that they do not train their models on customer data. Your client information remains confidential throughout the AI processing pipeline.

4 Document Security

Service businesses regularly handle sensitive documents and confidential records. We treat every uploaded document with the highest level of care.

Isolated storage: All uploaded documents are stored in isolated, user-specific directories. Each user's documents are physically separated from every other user's files.
Owner-only access: Documents are only accessible by the user who uploaded them. There is no shared access, no admin viewing, and no cross-user file access.
No sharing between users: Documents are never shared, copied, or made visible between different users on the platform. Your client's passport scan is visible only to you.
Secure extraction: When AI extracts data from uploaded documents (such as passport details), the extraction happens securely and the results are stored only in your account.

5 Your Control Over Your Data

We believe you should always be in full control of your data. Here is what you can do at any time.

Export your data: You can export your client records, email data, and documents at any time. Your data belongs to you.
Delete your account: You can request complete deletion of your account and all associated data. We will permanently remove all your emails, clients, documents, notes, and activity history.
Disconnect email access: Remove email integration with one click from your Email Manager settings. All stored tokens and credentials are immediately deleted.
No lock-in: Start with a 14-day free trial — no credit card required. If WIDEN AI is not right for you, simply stop using it. No cancellation fees, no hidden charges.

Transparent data practices. We will never hold your data hostage. If you decide to leave WIDEN AI, we make it easy to take your data with you and ensure nothing remains on our servers.

6 Compliance & Standards

We are committed to meeting and exceeding the regulatory requirements that matter to Australian service businesses and their clients.

Australian Privacy Act 1988: WIDEN AI is fully compliant with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). We handle personal information in accordance with these requirements.
GDPR-aware practices: While primarily serving Australian businesses, we follow GDPR-aware data handling practices for any clients or contacts based in the EU, including data minimisation and purpose limitation.
Working towards ISO 27001: We are actively working towards ISO 27001 certification — the international standard for information security management systems.
Australian-hosted infrastructure (planned): We are planning migration to Australian-hosted servers (AWS Sydney region) to ensure all data remains within Australian jurisdiction.

Client confidentiality is paramount. As business operators ourselves, we understand the professional and legal obligations around client confidentiality. WIDEN AI is built from the ground up to respect and protect the business-client relationship.

Ready to Try WIDEN AI?

Start your 14-day free trial with confidence. No credit card required, and your data is protected from day one.

Start Your Free Trial