◉ Data & security · closed beta

What happens to your copy.

Wavelength is in closed beta, built and run by one person. This page says plainly what happens to the copy you paste, where it goes, who can see it, and what we can and can't promise yet. No badges we haven't earned. No certifications we don't have. The facts.

What happens when you run a test

When you submit a message:

Your copy, the personas you've selected, and your test settings go from your browser to Wavelength's backend, hosted on Vercel.
The backend sends that content to Anthropic's API to generate the persona reads and the verdict.
The result comes back and is saved to your account in Wavelength's database, so you keep your history.
You see the read.

Your message content touches three systems: Vercel (compute), Anthropic (the AI that generates the read), and Neon (the database where your tests are stored). That's it for your content — a fourth provider, Clerk, handles your login, but never sees what you test.

Is my data used to train AI models?

No. Not by us, and not by the provider that runs the AI behind your reads.

Wavelength does not train any model on your content. We have no model of our own, and we don't sell or share your data with anyone.

Anthropic, which runs the AI behind your reads, does not use commercial API content for training — the content you test is excluded. Anthropic keeps API content only briefly, for safety and abuse review, then deletes it. Zero data retention may be available for qualifying teams — if your security team needs it, ask and we'll tell you straight whether we can get it in place. You can read Anthropic's policy directly at anthropic.com/legal/commercial-terms.

What Wavelength keeps, and what it doesn't

This is the part worth being precise about.

Wavelength keeps your tests — your inputs, the reads, and the verdicts — because that history is the point. Your record of what landed and what didn't is what makes the tool more useful the longer you use it. It's stored encrypted, tied to your account, and visible only to you, plus the people you share a workspace with on team plans.

Who can reach your tests. In the product, they're visible only to you and your workspace. Behind that, Wavelength has database access to run the service and support you when you ask — and since Wavelength is a one-person company right now, that access is mine. Here's the line we hold: Wavelength learns from how the tool gets used to write guides and marketing, but only in aggregate — patterns across many tests, never your individual messages, never your copy reproduced. To use a specific example, we'd ask you first. What Wavelength never does: train a model on your data, build product on top of your content, or sell or share it.

The AI provider does not keep your content. Anthropic processes your message to generate the read and doesn't retain it beyond the short safety window above, and never trains on it.

So "stored" and "trained on" are two different things. Wavelength stores your tests so you have them. Nobody trains on them.

Where your data lives

These providers run the infrastructure behind Wavelength. Each handles a specific job:

Vercel — hosting and compute. US region.
Anthropic — the AI that generates your reads. Your content is processed to generate the read, held briefly for safety, then deleted — never used for training.
Neon — the Postgres database where your account and tests are stored. Encrypted at rest.
Clerk — login and account identity. Handles your email and authentication, not your test content.
Resend — transactional email (receipts, account and security notices). Handles your email address, never your test content.

We don't add providers quietly. If that list changes, this page changes.

Encryption

Your data is encrypted in transit between your browser, our backend, and every provider above, and encrypted at rest in the database.

Deleting your data

You own your tests. To delete your account and everything tied to it, email security@onwavelength.ai and we'll remove it from the database. Self-serve deletion is on the way; for now a person handles it directly.

What we don't have yet

Wavelength is early. Being straight about that is the point.

We don't have SOC 2, ISO 27001, a third-party penetration test, or a signed uptime guarantee. We don't offer single sign-on or audit logs. If your security team needs any of these before you can move forward, tell us — we'll be honest about what's in place and what isn't, and we can sign a data processing agreement on request.

What not to paste

Wavelength is built for testing marketing copy — messages, campaign briefs, landing-page text. Don't paste regulated or highly sensitive data: health information, payment details, government identifiers, or anything you're contractually barred from sending to a third-party processor. The tool isn't built for that, and you don't need it for that.

Questions

Email security@onwavelength.ai. A real person reads it.

Last updated June 2026