Your data never leaves your hands
Wardian is architected so that no one — not even us — can access your data. Privacy is not a policy. It's the engineering.
Last updated: March 9, 2026
End-to-End Encrypted by Default
All conversations are encrypted with AES-256-GCM directly in your browser before being sent to our servers. We store only ciphertext. We cannot read your messages — even if compelled by law.
AI Inference in Hardware Enclaves
Your prompts are sent to Chutes, which runs LLM inference inside Trusted Execution Environments (TEE) with AMD SEV-SNP hardware isolation. Your data exists only in the enclave's volatile memory during processing — invisible to the host, the cloud provider, and to us. No AI provider ever sees your data in clear text.
Encrypted at Every Layer
Your data is encrypted at rest (AES-256), in transit (TLS 1.3), and end-to-end in your browser. OAuth tokens for connected services are encrypted with Fernet before storage. Encryption keys for your conversations never leave your device.
No Training. No Sharing. No Exceptions.
Your data is never used to train AI models — not by us, not by our LLM providers. We do not sell, share, or monetize your data in any way. Your data exists to serve you, and only you.
011. Data We Collect
We collect only the minimum data required to operate the service:
- Account information: email address, name, and hashed password (or SSO identity)
- Usage metadata: anonymized analytics (page views, feature usage) — never conversation content
- Conversations: stored as ciphertext only — encrypted end-to-end in your browser before reaching our servers
- Integration tokens: OAuth credentials for connected services, encrypted at rest with Fernet (AES-128-CBC)
022. Third-Party Integrations (Google, Slack, etc.)
When you connect a third-party service, Wardian accesses only the data you authorize via OAuth consent:
What we access
- Gmail: email metadata, message content, labels, and drafts (scopes: gmail.readonly, gmail.send, gmail.compose, gmail.modify)
- Calendar: event titles, times, attendees, and descriptions
- Slack: messages in channels you grant access to
- Other integrations: only the data scopes you explicitly approve during OAuth consent
Why we access it
- To answer your questions by searching across your connected services
- To perform actions you explicitly request (send an email, create a ticket)
How we protect it
- OAuth tokens are encrypted at rest and never logged
- Data retrieved from integrations is never stored on our servers beyond the conversation context
- Data retrieved from integrations is never shared with third parties
- LLM processing happens inside TEE hardware enclaves (Chutes) — no AI provider sees your data in clear text
- You can revoke access to any integration at any time from your dashboard
033. How We Process Data
We process your data exclusively for:
- Service delivery: running the agent, executing tool calls, generating responses
- Security monitoring: detecting unauthorized access, abuse prevention
- Billing: tracking token usage for plan enforcement
- Support: responding to your requests when you contact us
- We do NOT use your data for advertising or profiling
- We do NOT sell your data to third parties
- We do NOT use your data to train AI models
044. LLM Processing & AI Security
This is where Wardian is fundamentally different from other AI assistants.
- All LLM inference runs through Chutes, a provider that executes models inside Trusted Execution Environments (TEE) with AMD SEV-SNP hardware isolation
- Your prompts and responses exist only in the enclave's volatile memory during processing — they are never written to disk by the LLM provider
- The host machine, the cloud provider, and Chutes operators cannot inspect the enclave's memory
- No conversation data is retained by the LLM provider after the response is generated
- Cryptographic attestation is available to verify enclave integrity
055. Data Storage & Encryption
We apply defense-in-depth encryption to protect your data:
- All conversations are end-to-end encrypted (AES-256-GCM). Encryption keys are derived in your browser and never sent to our servers. We store ciphertext only — we cannot decrypt your conversations
- All data is encrypted at rest on our servers (AES-256 disk encryption)
- All data is encrypted in transit (TLS 1.3)
- OAuth tokens for connected services are encrypted at rest with Fernet (AES-128-CBC)
- LLM inference is processed inside hardware enclaves (TEE) — your prompts never exist in clear text outside the enclave
066. Data Retention & Deletion
- Conversations: retained as ciphertext until you delete them. We cannot read their content
- Integration tokens: retained while the integration is connected. Deleted immediately upon disconnection
- Account data: deleted within 30 days of account deletion request
- Backups: purged within 90 days of deletion request
077. Your Rights (GDPR)
If you are in the European Economic Area, you have the right to:
- Access: request a copy of all data we hold about you
- Rectification: correct inaccurate personal data
- Erasure: request deletion of your data ("right to be forgotten")
- Portability: receive your data in a structured, machine-readable format
- Objection: object to data processing for specific purposes
- Withdraw consent: revoke consent at any time without affecting prior processing
To exercise any of these rights, contact [email protected]. We respond within 30 days.
088. How to Revoke Access
- Disconnect integrations: Go to Settings > Integrations > click "Disconnect" on any service. OAuth tokens are deleted immediately
- Delete your account: Go to Settings > Account > Delete Account. All data is purged within 30 days
- Revoke Google access directly: Visit your Google Account permissions at myaccount.google.com/permissions and remove Wardian