Trust and security

Built so we can't read your information.

What we can see, what we can't, and how your information is protected. This is the plain-English version. The formal documents are linked at the end.

Last reviewed: July 2026

The promise

Everything personal you store in PartWise lives in an encrypted vault that only you can open. Your records, your messages, your finances, your story: encrypted on your device before they reach us, readable only with a key that you hold.

That is not a policy decision we could quietly change later. It is how PartWise is built. We cannot read your vault, and neither can anyone who might ask us to.

How the vault works

When you set up PartWise, your device creates an encryption key from credentials only you know. Everything you store is encrypted with 256-bit encryption on your device before it is sent to us. What arrives on our servers is ciphertext: scrambled data that is meaningless without your key.

Your key never leaves your control. We do not have a copy, we cannot derive one, and we cannot reset it the way an ordinary password gets reset.

This is usually called zero-knowledge architecture. In practice, it means the worst realistic outcomes, a breach of our servers or a demand for your data, yield ciphertext without the key to read it.

What we can and cannot see

We hold the minimum needed to run the service, and none of it includes what you store.

We cannot see

  • The contents of your vault: documents, messages, financial records, timeline entries, notes
  • The messages and emails you import
  • Anything you have encrypted, which is everything personal in the product

We can see

  • Your email address and account status
  • Billing status via Stripe, never your card number, which goes only to Stripe
  • Operational data any service holds: error logs, service health, aggregate usage patterns

AI and your information

When you use an AI feature, such as finding the messages that matter in an imported history, the relevant content is processed to perform that task and for nothing else.

Your information is never used to train AI models. Our AI provider is contractually barred from training on customer content.

To be precise about the mechanics: when you run an AI feature, the relevant content is sent securely to our AI provider to perform that task, and for nothing else. The results return to your vault and are encrypted like everything else you store. AI runs only when you ask it to, on the content you choose.

Nothing you store is sold, shared, or used for advertising. There are no ads in PartWise and no data buyers behind it.

Independently checked

PartWise's security has been assessed by an independent third party. In June 2026 we passed a CASA Tier 2 security assessment, the standard Google requires before granting applications access to Gmail data, conducted by an authorised independent assessor.

We also run a public vulnerability disclosure programme: security researchers are invited to test PartWise in good faith and report what they find, with safe harbour and coordinated disclosure. Read the disclosure policy

If you choose to connect your Gmail, that access is governed by Google's Limited Use requirements for restricted scopes: we can only use it to provide the features you asked for. Outlook connections are governed by Microsoft's API terms, which impose the same discipline: no more access than the feature needs, used only for its stated purpose.

Where your information lives

Your encrypted data is stored in Australia, in Supabase's Sydney region. It does not leave the country to sit in someone else's jurisdiction.

Payments are processed by Stripe. Card details go directly to Stripe and never touch PartWise's servers.

Leaving is yours too

You can export what you have built, and you can delete your account and everything in it. Deletion is real: your data is permanently removed, not archived.

The formal documents

For the legal versions of everything above:

Questions about any of this: support@partwise.com.au. If you are a professional assessing PartWise for your clients, we are happy to answer diligence questions directly.