Encryption at rest
All user data is encrypted at rest using AES-256 encryption. Database volumes use full-disk encryption. Encryption keys are managed through a dedicated key management service and rotated regularly. Even in the unlikely event of physical storage access, your data remains unreadable.
Encryption in transit
All data in transit is protected with TLS 1.3. This applies to connections between your browser and our servers, between our services internally, and between our servers and third-party APIs (Gmail, Plaid, etc.). We enforce HSTS and certificate pinning where supported.
Infrastructure
Wingmnn runs on isolated cloud infrastructure with SOC 2 Type II certification. Access to production systems is restricted to a small number of senior engineers, requires multi-factor authentication, and is fully audited.
No-training policy
We do not use your personal data to train AI models. Your emails, calendar events, financial transactions, and other data are processed to provide you with intelligence and insights — and for no other purpose. This policy is baked into our architecture, not just our terms of service.