Hosted tier — data handling

What happens to your data on the Hosted tier.

This page describes, in plain terms, what happens inside a Hosted-tier workspace on Phoeniqs sovereign Swiss infrastructure — where your data lives, who can technically reach it, and where the trust boundaries are. It is meant to be precise rather than reassuring: when something is a stronger guarantee at a different tier, this page says so.

Steward is a service of ANA Wealth AG. Hosted in Switzerland on infrastructure operated by PHOENIQS AG.

01 Where your workspace lives

Your workspace runs inside a multi-tenant deployment on Phoeniqs sovereign Swiss cloud infrastructure, in an OpenShift namespace operated by Phoeniqs, with the Steward application maintained by ANA Wealth. Every layer of the deployment is located in Switzerland and operated by Swiss legal entities. No data leaves Swiss jurisdiction in the normal course of operation.

The same physical infrastructure serves other Steward customers; your workspace is logically isolated from theirs by application-level controls that are tested as part of the security suite that runs against every production change. Cross-workspace access is not possible through the application; the database queries that power every page enforce workspace boundaries by construction.

02 Encryption in transit

Traffic between your browser and the Phoeniqs platform is encrypted with TLS. Inside the Phoeniqs cluster, traffic between the platform's edge and the Steward application runs over the platform's private network.

03 Encryption at rest

The Postgres database that stores your workspace records runs on encrypted persistent storage. Documents you upload are stored in object storage with server-side encryption. Backups are encrypted. None of these layers expose decryption keys to non-platform parties.

“Encrypted at rest” means specifically: if a storage volume or object bucket were physically obtained outside the platform's normal access channels, the data would be unreadable without the platform's keys. It does not mean that an authorised operator working through the platform's normal access path is locked out. The distinction between those two scenarios is described in section 04.

04 Who can technically access your data

There are three classes of party with theoretical access to your workspace, and they are meaningfully different.

You and any users you invite into your workspace can access the data through the Steward application according to the roles you assign. Director roles can see everything in the workspace; non-director roles see only what the director scope permits.

ANA Wealth operators — a small team — have administrative access to the Steward application and direct access to the Postgres database that backs your workspace. This access is logged and audited and is exercised only for operational support and incident response. In practice it is used to help you with a problem, not to read your data. We hold this access because we operate the application; removing it would require the Dedicated tier described in section 07.

Phoeniqs operators have access to the underlying infrastructure — compute, storage, network. They do not have credentials to the Steward application or to your workspace data through the application path. Their theoretical access is at the storage layer, where data is encrypted at rest but where, in principle, the platform manages the encryption keys.

What this means in plain terms: at the Hosted tier, neither ANA Wealth nor Phoeniqs is a no-knowledge custodian of your data. We are operators with audited access. If you require infrastructure where even the platform operators cannot decrypt your data, that is the Dedicated tier with customer-controlled HSM keys — see /pricing.

05 What model inference sees

When you use Steward's chat, drafting, or analysis features, the relevant portion of your workspace — the chunks of documents the system retrieves to answer your question, plus your house rules and the question itself — is sent to Phoeniqs's model inference service for the duration of that request. The model inference service runs on Phoeniqs's Swiss infrastructure; prompts and completions remain in Switzerland.

For client-facing chat and drafting work, Steward uses Phoeniqs MAAS model aliases ending in -GRC where Phoeniqs publishes those aliases. The Phoeniqs gateway may first block or mask harmful content, secrets, or sensitive identifiers before the request reaches the model. This is not a new third party; it is part of the Phoeniqs MAAS processing path.

What is not sent to the model: your full document library, your full chat history, the structure of your knowledge graph, or any content not specifically selected as context for the current question.

06 Jurisdiction and compelled disclosure

Phoeniqs and ANA Wealth are both Swiss legal entities subject to Swiss law. Compelled disclosure of your data would require a Swiss court order against one of these parties. Non-Swiss authorities cannot compel access directly; they would have to use mutual legal assistance treaties through Swiss courts, which is a different and far higher bar than a subpoena issued in their own jurisdiction.

This is the substance of the “Swiss-sovereign” claim. It is meaningfully different from a US-headquartered or UK-headquartered service. It is not “subpoena-proof” in any absolute sense.

07 What this tier does not include

To be explicit about what the Hosted tier does not include: end-to-end encryption with customer-held keys, no-knowledge custody, dedicated single-tenant infrastructure, or a guarantee that platform operators cannot in principle access your encrypted-at-rest data.

These are real capabilities and they exist at the Dedicated tier: customer-controlled HSM keys, a single-tenant deployment, and a separate price structure. For organisations whose posture requires no-knowledge custody — where neither ANA Wealth nor Phoeniqs holds a copy of any key that could decrypt your data — the Dedicated tier is the appropriate engagement shape.

See /pricing for the Dedicated tier engagement shape and how to begin that conversation.

Your data is in Switzerland, encrypted in transit and at rest, logically isolated from other customers' workspaces by tested controls, and accessible to a small audited group of ANA Wealth operators and the Phoeniqs platform operators within their respective domains. It is meaningfully more sovereign than US-headquartered alternatives. It does not provide no-knowledge custody. If the Hosted tier's trust posture does not meet your requirements, the Dedicated tier exists for that purpose — see pricing or write to us directly.