Account & Security

How DNA protects client data

Understand where your client data lives, who can access it, and how DNA handles security and privacy.

Introduction

This page explains how DNA handles the client information you put into the product: where it lives, how it is protected, and who has access to it. Use it to answer compliance questions from your firm or regulators, or just to get a clear picture of what happens behind the scenes.

Where your data lives

DNA stores every piece of client data you enter in Microsoft Azure's Canada East region. That includes:

  • Client profiles and their basic details.

  • Every asset, debt, beneficiary, and coverage record.

  • Every note and document you upload.

  • Every needs analysis you run.

DNA does not replicate client data outside Canada. If a third-party service ever becomes part of the data path, we evaluate it against the same Canadian residency standard before turning it on.

Encryption in transit and at rest

DNA encrypts data in two places:

  • In transit: every connection between your browser and DNA uses HTTPS, so data is encrypted on the wire.

  • At rest: the database and file storage behind DNA use Azure's built-in encryption, so stored data is encrypted as well.

How AI processing works

Helix and the document extraction flow at client creation run on Azure OpenAI's models in the Canada East region. That means:

  • Client data does not leave Canada during AI processing.

  • Every prompt and response stays inside Azure's Canadian infrastructure.

  • Azure does not use your data to train its AI models.

Who can see what

Access to client data follows your plan's structure:

  • Starter and Pro: you are the only advisor who can see the client files on your account.

  • Team: every active team member can see every client file in the workspace. There is no per-client access restriction beyond team membership.

  • DNA staff: a small number of DNA employees can access production systems for support and operations. DNA logs every staff access and governs it under our internal policies.

Invited-but-not-yet-joined advisors cannot see any client data until they accept the invite and complete sign-in.

Authentication

DNA uses WorkOS, a specialist identity provider, to handle all sign-ins. WorkOS manages password storage, reset flows, and the sign-in form itself. DNA never stores your password.

Getting a copy of your data, or deleting it

DNA does not currently have self-serve data export or account deletion inside the product. If you need either one, email support@dynamicneedsanalysis.com. The team will confirm your identity, process the request, and send back the data or confirmation.


On this page

Title