One place for your family's records
Wholekin
Trust, privacy, and governance
Trust starts with clear boundaries.
Wholekin asks families to organize sensitive records in one place, so our trust model has to be plain: isolate each family workspace, collect for a clear purpose, enforce tenant boundaries at the database layer, govern access through SIAM, protect private data, and make Whoki-assisted workflows accountable to the people they serve.
Your family's records are not used to train AI models.
Family records are protected by workspace boundaries and Sophisticated Identity and Access Management.
Database row-level security protects family-scoped live records and audit history.
Privacy, security, and AI governance are treated as product requirements.
Claims stay grounded in controls we can explain and improve.
Trust is earned in the product
The important trust questions are practical: which family owns this, who can see it, what database boundary protects it, why is it stored, and what happens when roles or family needs change.
Row-level security keeps family-scoped records and audit history isolated inside the database.
SIAM keeps visibility and authority explicit for family members, staff, and trusted advisors.
GDPR-aware data practices shape how records are collected, retained, exported, and removed.
EU AI Act aware governance keeps Whoki assistance bounded by purpose, transparency, and human control.
How we earn trust
Practical commitments for private household data
Purpose-limited data handling
Wholekin is built for your family's records — not for advertising. Your data stays tied to the reason you put it in.
Layered family isolation
Each family workspace has its own record boundary, SIAM keeps visibility tied to the right people and roles, and row-level security enforces the boundary inside the database.
Rights-aware privacy operations
We follow GDPR — access, export, deletion, and clear purpose for the family records you store with us.
Responsible AI governance
Where Whoki-assisted processing is used, we design for transparency, human control, and EU AI Act aware safeguards around private records.
Operational discipline
Trust depends on how changes are made. We use validation, code review practices, CI checks, logging, and controlled infrastructure patterns.
Security that can be explained
We describe the controls in place plainly, including authentication, family workspace isolation, SIAM, protected infrastructure, and change quality.
GDPR
Data handling is shaped around purpose limitation, minimization, data subject rights, export, deletion, and privacy-aware operations for EU families and advisors.
EU AI Act
Whoki-assisted workflows are designed around clear purpose, transparency, human oversight, and boundaries that keep family records from becoming training data.
Privacy by design
Workspace isolation, database row-level security, visibility rules, session handling, SIAM, and record boundaries are part of the product model instead of a layer added after launch.
Continue your review
Review the technical controls behind the trust model.
The security page covers database row-level security, authentication, SIAM, infrastructure, quality gates, and protected data handling in more detail.