Trust & security
Your archive is the business. We protect it like one.
Wukanda is a cloud web app: your team signs in from any browser, and we run the secure workspace so you do not have to manage servers. Your firm's archive, prompts, and people live in their own isolated space. This page lays out, in plain language, how we handle your data and where you stay in control.
Last updated June 2026
Isolated per firm
Your workspace is separated from every other firm's.
Encrypted in transit & at rest
Protected with strong encryption the whole way through.
Human-approved
AI drafts; your team approves before anything ships.
You own your data
Export it or delete it whenever you want.
Data handling
What happens to your data
A plain-language summary of every kind of data Wukanda touches, and what we do with it.
Your documents & archive
Stored inside your firm's isolated workspace and encrypted in transit and at rest. Used only to answer your team's requests. Never used to train AI models, and never shared with another firm.
AI prompts & responses
Sent to the AI provider serving your request under enterprise no-training terms, then kept in your workspace history so your team can review every output. Not sold or repurposed.
Credentials & secrets
Encrypted at rest, scoped to your workspace, and never displayed back to anyone in plaintext.
Usage analytics
Privacy-safe product metrics only — no document contents and no client data. Helps us understand what to improve.
Account & sign-in
Handled over encrypted connections, with single sign-on (SSO) available for firms that need it.
This page describes Wukanda's cloud web application. Drawings, specs, proposals, and client data you bring are treated as confidential by default.
AI & control
Where AI runs, and who stays in control
Enterprise AI, on no-training terms
When your team asks Wukanda something, the request is routed to an enterprise AI provider that has contractually agreed not to train on your content. Depending on the workload and your firm's requirements, that provider may be:
- Anthropic (Claude)
- OpenAI (GPT)
- Google (Gemini)
- AWS Bedrock
- Microsoft Azure AI Foundry
Your archive is never used to improve a shared model.
Human-approved by default
Wukanda drafts; your people decide. Every recommendation, proposal section, and report draft stays reviewable before it goes anywhere.
Nothing is auto-sent, auto-filed, or published on your behalf. The senior judgment that defines your firm stays with your firm.
Operations
The operational details
Data residency & encryption
Your data is encrypted in transit (TLS) and at rest on established cloud infrastructure. If your firm has specific data-residency or network requirements, we scope them during onboarding.
Access & ownership
You own your data. Access is role-based inside your workspace, so people see what their role allows. Export your data whenever you need it, and we remove it on request or when an engagement ends.
Subprocessors
We rely on a short list of vendors to operate: the enterprise AI providers above, cloud hosting and infrastructure providers, and privacy-safe product analytics (Google Analytics). We will share the current, complete subprocessor list and sign a DPA on request.
Incident response
If a security issue arises, we investigate promptly and notify affected firms of any material incident without undue delay. Found a vulnerability? Email hello@wukanda.co and we will get back to you quickly.
Compliance
We are an early-stage company and do not yet hold a formal certification such as SOC 2. We are glad to sign a Data Processing Agreement, complete your security questionnaire, and walk your team through exactly how your data is handled.
Security contact
Talk to us about security
Have a security question, a vendor questionnaire to complete, or a vulnerability to report? We would rather hear from you. We will sign a DPA and walk your team through exactly how your data is handled.