Privacy

Privacy at Onwinds

The kernel minimises personal data exposure by design. Authentication is delegated to Better Auth, signed intents rely on tenant-managed JWKS, and operational telemetry never contains customer payloads.

Data processing

Signed intents and evidence bundles remain customer-controlled with end-to-end encryption.
Ledger storage retains only metadata required for replay, audit, and regulatory compliance.
Support access uses audited break-glass workflows with immutable evidence of every action.

Your rights

Subject access, export, and deletion requests are handled through verified tenant administrators. Evidence bundles include the provenance needed to fulfil regulatory timelines without exposing unrelated data.

Loading the kernel surface…

Privacy

Privacy at Onwinds

Data processing

Signed intents and evidence bundles remain customer-controlled with end-to-end encryption.
Ledger storage retains only metadata required for replay, audit, and regulatory compliance.
Support access uses audited break-glass workflows with immutable evidence of every action.