Introduction

Wavo is a leader in digital marketing analytics for the music industry. We ingest, harmonize, and analyze billions of data points from various sources, empowering our clients to gain deep insights into their marketing performance, audience engagement, and its impact on streaming metrics. Our dashboards and tools offer streamlined visualizations tailored to various use cases: from high-level executive insights into regional marketing spend, to granular performance metrics of individual creative assets, and in-depth analysis of an artist’s audience engagement.

With such a wide range of data visualizations, dashboards can sometimes become complex and overwhelming. To address this, Wavo has introduced 'Data Assistants,' enabling users to ask natural language questions about the data displayed on screen.

Wavo is committed to safeguarding both our data and our clients' data, ensuring that no client data is used to train machine learning models.

How Wavo Uses AI Safely

Wavo’s Data Assistants simplify complex data analysis through natural language queries, enhancing user experience while maintaining strict security protocols. We integrate OpenAI’s GPT models for natural language processing, but crucially, OpenAI does not train on data provided via their API (https://openai.com/enterprise-privacy/). This ensures that data included in assistant requests and the information our clients interact with remains confidential and protected.

OpenAI is SOC 2 certified, ensuring compliance with rigorous standards for data security, availability, and confidentiality (https://trust.openai.com/). Furthermore, Wavo does not train or fine-tune language models using client-specific data. Our clients’ data is never used to improve the AI models, ensuring that all data remains within the secure environment established for each client’s organization.

This approach guarantees that while clients benefit from the power of AI, their data remains private, secure, and shielded from external usage.

Data Security and Privacy

Wavo is ISO27001 certified, underscoring our commitment to managing data security risks through industry-leading practices (https://wavo.me/wavo-analytics-platform-security). This certification ensures that we employ robust security processes for safeguarding sensitive information.

Additionally, OpenAI, our AI service provider, is SOC 2 Type II certified, meaning their data handling procedures are independently verified to meet stringent security and privacy standards. This assures our clients that any interaction with OpenAI’s models is subject to strict security and privacy protocols (https://trust.openai.com/).

Wavo employs role-based and row-level security measures to ensure strict isolation of client data. Each organization’s data is securely segregated, preventing unauthorized access or data leakage between accounts.

Assistant requests are strictly limited to the data within the user’s organization, specifically restricted to the artist or campaigns displayed on the dashboard. Every request follows the same security protocols that users are subject to, ensuring full enforcement of access controls at all times.

This ensures that data access is always contextually appropriate and contained within the scope of a user’s permissions.

Wavo adheres to a zero-trust architecture in the development of our Data Assistants. This approach assumes no user or system is inherently trusted, and data access is strictly controlled and verified at every step. Secure guardrails ensure that only the minimum necessary data is provided in response to user queries.

Critically, our Data Assistants are not connected directly to our data warehouses. Instead, they interact with data via custom-built connectors which are designed and maintained by Wavo’s engineering and security team. These connectors enforce strict limitations, ensuring that:

1. Only the exact data required to answer the query is accessed and provided to the assistant.
2. Data is isolated according to the authenticated user’s role and row-level permissions, ensuring compartmentalization.
3. Data is restricted to the subset of data that is available in the dashboard that is on-screen.

By using this layered security approach, Wavo ensures that client data is handled with the highest standards of security and privacy, minimizing risks while maximizing data utility.

Conclusion 

Wavo is committed to delivering innovative solutions, such as our Data Assistants, that make complex data understandable and actionable while upholding the highest standards of data privacy and security. By leveraging technologies like OpenAI’s SOC 2 certified language models and adhering to ISO27001 standards, we ensure that our clients’ data remains secure, isolated, and protected from unauthorized access. Our zero-trust architecture and strict data access controls guarantee that AI tools enhance user experience without compromising confidentiality, integrity and availability.

With Wavo, clients can trust that their data is not only used responsibly but safeguarded at every step, enabling them to harness the full potential of new technologies with confidence.