Security

Our Commitment to Security

At Wingman AI, we take the security of your data seriously. As a training tool designed for interview practice, we understand the importance of protecting the personal information and practice materials you share with our application.

Data Protection

We employ multiple layers of security to protect your data:

• Local Processing: Audio is processed locally on your Mac whenever possible, reducing data transmission
• Encryption in Transit: All data transmitted to our servers uses industry-standard TLS encryption
• Encryption at Rest: Data stored on our servers is encrypted using AES-256 encryption
• Minimal Data Collection: We only collect data necessary for training functionality
• Secure Authentication: Industry-standard authentication protocols protect your account

Infrastructure Security

Our infrastructure is built with security best practices:

• Secure Hosting: Our servers are hosted with reputable cloud providers with SOC 2 compliance
• Regular Updates: We keep all systems and dependencies up to date with security patches
• Network Security: Firewalls and network isolation protect our infrastructure
• Access Controls: Strict access controls limit who can access sensitive systems
• Monitoring: 24/7 security monitoring and logging to detect potential threats

Application Security

The Wingman AI application follows secure development practices:

• Code Reviews: All code undergoes security review before deployment
• Vulnerability Scanning: Regular scanning for known vulnerabilities
• Secure Dependencies: We monitor and update third-party dependencies
• Sandboxing: The application runs with minimal system permissions
• Automatic Updates: Security updates are delivered automatically

Data Retention

We do not retain your conversation or call data. Your practice sessions are never stored or recorded on our servers. We only maintain the minimum necessary account information required to provide the service.

Third-Party Services

Wingman AI uses select third-party services (such as AI APIs) to provide functionality. We carefully vet all third-party providers for security and only share the minimum necessary data. All third-party providers must meet our security standards.

Your Responsibility

While we work hard to protect your data, security is a shared responsibility:

• Keep your account credentials secure and don't share them
• Use a strong, unique password for your Wingman AI account
• Keep your Mac and Wingman AI application updated
• Report any suspicious activity to us immediately
• Be cautious about what information you practice with during training

Incident Response

In the unlikely event of a security incident, we have a comprehensive incident response plan. We will notify affected users promptly and take immediate action to contain and resolve the issue.

Compliance

Wingman AI is committed to complying with relevant data protection regulations:

• GDPR (General Data Protection Regulation) for European users
• CCPA (California Consumer Privacy Act) for California residents
• Other applicable privacy and data protection laws

Reporting Security Issues

If you discover a security vulnerability in Wingman AI, please report it to us immediately. We appreciate responsible disclosure and will work quickly to address any confirmed issues.

Security Updates

This security page is reviewed and updated regularly as our security practices evolve. We continuously improve our security measures to protect your training data.