Tidal Wave · Trust

Trust posture, in plain terms.

How Tidal Wave handles your data, what we will show you, and what we will not claim. Wave sits beside your stack, reads through native connectors, and writes back only what you can audit, roll back, and switch off.

Quick answer

Tidal Wave is a per-tenant marketing intelligence platform built on three verifiable claims: tenant isolation is enforced at the database layer and covered by automated tests, consent is enforced at the boundary and fails closed, and every CRM write is logged with its before and after values and reversible in one click. We demonstrate each claim live in security reviews rather than asking you to take it on faith.

The trust facts

  • Row-level tenant isolation the runtime cannot bypass
  • Consent enforcement that fails closed
  • One-way suppression: opt-outs never auto-reverse
  • Every write logged with before and after values
  • One-click rollback and a two-layer kill switch
  • One model per tenant, no shared training
  • Read-only and no-API-key onboarding paths

Last updated July 2026

The three claims

Three claims to hold us to.

Security reviews run on proof, not prose. These are the claims Wave is built around, and every one of them is demonstrable in a live session.

Isolation is provable

Every record is tenant-scoped and enforced by row-level security at the database layer, a control the application runtime cannot bypass. Automated tests cover the isolation boundary and run on every change.

Consent fails closed

Do-not-contact people are never written to. Do-not-predict people are never scored. Suppression is a one-way ratchet: an opt-out can suppress a record, and nothing ever auto-un-suppresses it.

Every write is audited and reversible

Each CRM write is logged with the previous value, the new value, and the model version that produced it. Rollback is a first-class operation, and a two-layer kill switch stops writeback instantly.

Verify, do not trust

What a security review gets: a working session, not a slide.

We would rather show the controls than describe them. A review session walks through four live demonstrations on a working tenant.

  1. 01

    Watch the isolation suite run

    The automated cross-tenant isolation tests run live, so you see the database refuse cross-tenant reads and writes instead of reading about it in an architecture diagram.

  2. 02

    Inspect the writeback preview

    Before Wave writes anything, the console shows exactly which fields it would write per contact, with suppressed people visibly withheld. You review the writes before they exist.

  3. 03

    Flip the kill switch

    Watch writeback stop instantly when the per-tenant switch flips, and confirm nothing reaches your CRM while it is off.

  4. 04

    Read the audit trail

    Walk the write log: previous value, new value, model version, timestamp, and the rollback path for any write Wave has made.

What we do not do

Deliberate non-goals, stated up front.

Trust includes being clear about what Wave is not, and holding the line.

Your sources
Wave
HubSpot

Wave does not become your system of record. It does not message your recipients: no email, SMS, push, or ads, ever. It does not train shared models across customers, and it does not sell or share your data. Onboarding can start read-only, and for teams that cannot grant API access at all, Wave onboards by secure file upload or a read-only warehouse view.

Related: No-API-Key Onboarding, AI Accuracy Eval Harness, AI Lift Experiments.

Where we are

Stage-honest: what we claim, and what we do not.

Tidal Wave is early access, working with design partners. We say exactly what is in place today versus on the roadmap, and we claim no certification until it is held.

What we do not claim
What we do claim
SOC 2 certification today.
A SOC 2 readiness program under way, with the controls above demonstrable live today.
A finished compliance story.
A DPA, subprocessor list, security review pack, and technical whitepaper, available on request.
Enterprise scale today.
Early access at design-partner stage, on an architecture built multi-tenant from day one.
Perfect AI.
Measured AI: accuracy scored continuously on your content, gated before changes go live, and lift proven by a built-in holdout.

FAQ

Questions security and procurement teams ask.

Is my data isolated from other customers?

Yes, at the database layer. Every record is tenant-scoped and enforced by row-level security policies the application runtime cannot bypass, and automated isolation tests cover the boundary on every change. Wave also trains one model per tenant, so your data never trains anyone else's.

Do you train models across customers?

No. Wave classifies and predicts with one model per tenant. Your contact and engagement data never enters a shared or cross-customer model, and every prediction is stamped with the model version that produced it.

What happens when someone unsubscribes or opts out?

Suppression flows in from your systems and is enforced at the boundary: do-not-contact people are never written to, do-not-predict people are never scored. Suppression is a one-way ratchet, an opt-out can suppress a record, and nothing in Wave ever auto-un-suppresses it.

Can Wave's writes be undone?

Yes. Every CRM write is logged with the previous value, the new value, and the model version that produced it, and rollback is a first-class operation. Writeback is off by default until you opt in, and a two-layer kill switch stops it instantly, per tenant or platform-wide.

Can we onboard without granting API access?

Yes. For teams that cannot grant OAuth or API keys, Wave onboards by secure file upload or a read-only warehouse view, so the security review can say yes without a standing integration.

Are you SOC 2 certified?

Not yet, and we will not claim it until it is held. A SOC 2 readiness program is under way, and in the meantime security reviews get a live working session plus the security pack, so you can verify the controls directly.

Do you have a DPA and a subprocessor list?

Yes. The DPA, current subprocessor list, security review pack, and technical whitepaper are available on request.

How do I run a security review?

Request the security pack and we will schedule a working session: the isolation test suite run live, the writeback preview on a read-only connection, a kill-switch demonstration, and audit-trail inspection.

Verify it yourself

Request the security pack and DPA.

Book a session and we will run the review live: the isolation suite, the writeback preview, the kill switch, and the audit trail, on a working tenant.

Request the security pack