Home/Disclosures/Data Security & AI
Disclosures

Security is foundational to how we work.

We handle sensitive transaction data — purchase agreements, financial models, privileged communications — with restricted access, reputable providers, and commercially reasonable safeguards. This page describes how, in enough detail that you and your clients can evaluate it.

Plain English

The short version, in five lines.

  • Access is restricted. Only people directly working on your engagement see your deal information.
  • Reputable platforms only. Established cloud and business systems with encryption in transit and at rest.
  • NDAs are standard. Mutual NDAs with referral partners and clients on request.
  • No public AI tools for client materials. No confidential deal information is entered into consumer-grade AI tools. WolfTRI uses company subscriptions with established providers, subject to each vendor’s then-current settings and terms.
  • Retention is purposeful. Records kept as long as legal and business needs require, then deleted or archived.
Sensitive information

How we approach deal data

Every engagement involves confidential deal information. We treat that information with the seriousness it deserves: shared only as needed to market and place insurance or support an active engagement, stored using reputable service providers, and handled by personnel with a direct business need. We do not sell personal information. Mutual NDAs are available and executed as standard practice with referral partners and their clients.

Our security practices continue to mature as the firm grows. We are committed to using appropriate administrative, technical, and operational safeguards, and we welcome due-diligence questions from clients and counsel at any time.

Safeguards

Administrative & technical controls

WolfTRI maintains written information-security and incident-response procedures appropriate for its size, systems, vendor relationships, and the sensitivity of transaction information it handles. A non-exhaustive summary:

01 Access

Multi-factor authentication

MFA enabled where supported. Access to client data is restricted to individuals with a direct business need for a given engagement.

02 Workflows

Restricted handling

Sensitive materials move through controlled workflows designed to limit unnecessary access. Information is shared internally only as needed.

03 Encryption

In transit & at rest

Encryption in transit and at rest is used where supported by our underlying systems and service providers.

04 Providers

Reputable platforms

Established cloud and business platforms for data storage, communication, and engagement management.

05 Visibility

Logging & audit

Systems that provide access logging and audit capabilities where available through our platform providers.

06 Agreements

Confidentiality terms

Confidentiality and non-disclosure agreements as appropriate with personnel, referral partners, and clients.

Sharing

Information sharing

Client information is shared only as necessary to support brokerage and placement — including with insurance carriers, underwriters, and other parties directly involved in the process. We do not sell, rent, or share personal information with third parties for their own marketing. When working with third-party service providers, we seek reputable vendors and appropriate data-protection terms where applicable.

Retention

Retention & deletion

Engagement records are retained in accordance with business, legal, and operational needs. When records are no longer required, they are deleted or archived consistent with applicable obligations using commercially reasonable methods. As a matter of practice, client data is not stored on personal devices or unauthorized cloud services.

AI use

How AI is used — and limited

We use AI tools selectively and with purpose: research synthesis, market monitoring, drafting, and internal workflow support — never to make coverage recommendations, negotiate with insurers, or finalize client-facing policy language without senior review. No confidential deal information — deal terms, purchase agreements, client names, or transaction details — is entered into consumer-grade or personal AI accounts.

WolfTRI stores client materials in Microsoft OneDrive / Microsoft 365 cloud storage and may use company subscriptions with OpenAI, Anthropic, and Perplexity for work support, subject to confidentiality obligations, client instructions, and each vendor’s then-current product settings and terms. Vendor privacy, retention, and training settings vary by product tier; WolfTRI periodically reviews its configurations. Clients may request that WolfTRI not use external AI tools for a particular matter, and we will accommodate that preference where practical.

A leaner model, not an automated one. WolfTRI uses modern tools where they help, but RWI still depends on human judgment, careful policy review, ethics, and accountability when the question matters.

For counsel

What you can tell your clients

Counsel and sponsors often need short answers for their own clients:

Who sees our deal information?
Only the individuals directly involved in your engagement. Access is restricted to those with a business need.
Is the data encrypted?
Encryption in transit and at rest is used where supported by our underlying systems and service providers.
What happens after the deal closes?
Engagement records are retained for business, legal, and operational needs, then deleted or archived consistent with applicable obligations.
How do you handle vendor security?
We seek reputable service providers with established security practices and include appropriate data-protection terms where applicable.
Can we get an NDA?
Yes. Mutual NDAs are available and executed with referral partners and their clients as standard practice.
Can we discuss security in more detail?
Yes. We welcome questions about information-handling practices and are happy to walk through our approach on a call.