Wolfia

Description Permissions Security & Compliance

Wolfia helps sales, security, and success teams answer vendor questions in seconds, right inside Slack. Connect your existing knowledge (policies, past questionnaires, docs, wiki) and Wolfia returns cited, trustworthy answers you can use immediately in channels or DMs.How it works in Slack
• Use the @wolfia in any public channel or the directly message Wolfia to ask a question and get an answer in seconds.
• Wolfia replies with a concise answer plus source links to your verified knowledge.
• One click to insert the answer into your message, or open in Wolfia for deeper editing.
• Upload a questionnaire file or paste a portal URL to draft responses you can review and send.
• Get notifications on questions assigned to you and answer them directly in Slack
• Add knowledge into Wolfia without leaving your workflow.What teams use Wolfia for
• Security questionnaires (OneTrust, Zip, and other portals)
• RFPs and RFIs across formats (web, Excel, Word, PDF)
• Buyer FAQs and technical deep dives, without pulling in SMEs
• Trust center content that stays currentWhy Wolfia
• Cited answers from your approved knowledge base (not the public internet)
• Minutes, not weeks to complete questionnaires and RFPs
• Least‑privilege access and admin controls; unlimited users, no per‑seat feesAI disclaimer
Wolfia uses large language models to generate and summarize content. Outputs may be inaccurate or incomplete. Always review before sharing. Wolfia does not use Slack data to train LLMs. See our privacy policy for data usage and retention details.

Wolfia will be able to view:

Wolfia will be able to do:

Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.

General

Privacy & data governance

Data retention policy

Wolfia retains customer data only for the duration of the customer relationship and purges all such data from its systems within 90 days after service termination. Customers may request shorter retention periods or enable configurable ephemeral modes limiting data storage to active sessions. Backups and data retention adhere to these policies, including strict deletion aligned with GDPR requirements. Wolfia enforces a default 90-day data retention policy with options for customization, ensuring no persistent retention beyond these terms, and maintains a contractual Zero Data Retention agreement specifically for its AI services.

Data archiving and removal policy

Wolfia retains customer data only for the duration of the customer relationship and ensures complete purging of all such data within 90 days following service termination. Customers have options to configure shorter data retention periods. For specific data retention or deletion requests, customers can contact support@wolfia.com. Data archival uses automated lifecycle policies in secure AWS S3 buckets that implement versioning, Object Lock for compliance holds, and scheduled archival to lower-cost storage tiers before deletion, aligning with legal and regulatory requirements. Additionally, Wolfia maintains a contractual Zero Data Retention agreement for its AI services, ensuring no persistent storage or use of customer data beyond active processing. Encryption safeguards data both at rest, using AES-256 encryption, and in transit, via TLS 1.3 or higher. The data archival and removal workflow is carefully designed to comply with SOC 2 Type II, with configurable data residency options.

Data storage policy

Wolfia manages customer data with a comprehensive data storage policy designed to meet the highest privacy and security standards. Data is retained only for the duration of the customer relationship and is fully purged within 90 days following service termination, unless a shorter retention period or ephemeral storage is specifically configured. Backups and archival copies strictly follow these retention settings, with regular validation testing and deletion processes aligned with regulatory and contractual obligations, including SOC 2 Type II, ISO 27001, and GDPR. Data at rest is always encrypted using AES-256-GCM, and data in transit is protected using at least TLS 1.3. Access controls are enforced through RBAC, SSO integration, and strong IAM policies. Wolfia’s storage infrastructure primarily consists of AWS Aurora PostgreSQL for structured data and S3 object storage for documents and backups, each configured with versioning, lifecycle policies, and cross-region replication for durability and disaster recovery. All customer data processing occurs in the United States. For AI features, Wolfia guarantees Zero Data Retention by contract—no customer data used for AI model inference is stored or used for model training. Automatic PII scrubbing and GDPR-compliant deletion capabilities are in place, with audit logs to track data removal. Wolfia rigorously vets all subprocessors and requires zero data retention and prohibition on human review wherever customer data is processed.

Data center location(s)

United States

Data hosting details

Wolfia hosts all customer data exclusively in a cloud-native environment on Amazon Web Services (AWS). Structured data is stored in AWS Aurora PostgreSQL databases, while documents, backups, and archives are managed in Amazon S3. All data at rest is encrypted using AES-256, and all data in transit is secured with TLS 1.3 or higher. Cryptographic keys and secrets are managed using AWS Key Management Service (KMS) and AWS Secrets Manager, with automatic key rotation and comprehensive audit logging. Access to sensitive data is tightly controlled with Multi-Factor Authentication (MFA), role-based access controls (RBAC), network isolation, and real-time monitoring. Data processing and storage is restricted to the United States, and data retention policies are customizable to meet customer and regulatory requirements, including options for ephemeral storage and rapid deletion. AWS infrastructure employed by Wolfia is designed for high availability, fault tolerance, and compliance with SOC 2, ISO 27001, and other security standards.

Data hosting company

AWS, Azure

App/service has sub-processors

yes

Guidelines for sub-processors

https://trust.wolfia.com/?tab=subprocessors

App/service uses large language models (LLM)

yes

LLM model(s) used

OpenAI's models (o3, o4 mini, GPT 5, GPT 4.1)

LLM retention settings

Wolfia enforces a strict Zero Data Retention policy for its Large Language Models (LLMs), ensuring that no customer data is stored or used beyond active inference sessions or for model training.

LLM data tenancy policy

Wolfia has contractual Zero Data Retention with all AI/LLM providers: customer data is never stored, logged, or used for training beyond the active request. All LLM interactions are processed ephemerally under enterprise-grade, no-retention API terms.

LLM data residency policy

Wolfia's data residency policy for its Large Language Models (LLMs) ensures that all processing and storage of customer data occur exclusively within the United States. We enforce a strict Zero Data Retention policy for LLM inputs and outputs.

Certifications & compliance

Security