Privacy Policy

Last Updated: February 26th, 2026

1. Introduction

WealthInsightSync ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including financial tools, advisor-client management features, and optional family scheduling features.

This policy applies to users in the United States. By using the Service, you consent to the practices described in this policy.

WealthInsightSync is a financial technology platform and not a bank, brokerage, credit reporting agency, or financial institution. We do not hold, transfer, or custody customer funds.

Your information may be processed and stored in the United States. By using the Service, you consent to such processing.

Financial Disclaimer: WealthInsightSync provides informational, calculation, tracking, and computational modeling tools only. Nothing in our Service constitutes financial, investment, tax, or legal advice, and we do not make recommendations. WealthInsightSync is not a registered investment advisor, broker-dealer, or financial planner. Always consult a qualified professional before making financial decisions.

Disputes related to privacy matters are subject to the dispute resolution provisions set forth in our Terms of Service.

2. Information We Collect

2.1 Account Information

  • First and last name, email address
  • City and state (optional, for localization)
  • Account credentials (passwords stored as one-way cryptographic hashes)
  • Email verification status

2.2 Financial Data (User-Entered)

  • Income sources and amounts
  • Bills, recurring expenses, and subscriptions
  • Debt balances, interest rates, and minimum payments
  • Financial goals, target amounts, and target dates
  • Net worth entries and manual transactions
  • Savings amounts and budget allocations

2.2A Receipt Images (Premium & Elite — Optional)

If you use the receipt scanning feature (Premium and Elite plans), you may upload receipt images for AI-powered OCR extraction. The following applies:

  • Receipt images are transmitted to OpenAI, LLC solely to extract text fields (merchant name, amount, date, category) and are not stored by WealthInsightSync after processing is complete
  • Only the extracted text fields are returned to you; the original image is not retained
  • You must not upload images containing Social Security Numbers (SSNs), government-issued IDs, credit or debit card numbers, bank account numbers, or other sensitive personal identifiers
  • OpenAI processes uploaded images under OpenAI's API data usage policies and does not use API data to train its models by default

2.3 Bank Account Data (Plaid — Optional)

If you choose to connect a bank account, we use Plaid Technologies, Inc. (“Plaid”) to retrieve account and transaction data as authorized by you through the Plaid interface. We do not receive or store your banking credentials. From our perspective, connected data is read-only and the Service cannot initiate transfers or payments.

Bank and transaction data may be delayed, incomplete, reclassified, or unavailable based on financial institutions and third-party providers. WealthInsightSync is not responsible for inaccuracies originating from third-party data sources. Plaid's Privacy Policy governs how Plaid handles your data at plaid.com/legal.

2.4 Advisor-Client Data (Elite Plan)

Elite-tier advisors may create client profiles and record the following data on behalf of their clients:

  • Client name, email, and contact notes
  • Client financial goals, milestones, and progress records
  • Engagement logs, meeting summaries, and action items
  • Client-specific scheduling events

Advisors are responsible for obtaining any necessary consent from their clients before entering client data into the Service. WealthInsightSync acts as a data processor for advisor-entered client data; the advisor (data controller) is responsible for ensuring lawful basis for processing.

For advisor-entered client data, WealthInsightSync processes such data solely on documented instructions from the advisor and does not determine the purposes or means of processing. Advisors remain responsible for ensuring their use of the Service complies with applicable privacy laws and professional obligations.

2.5 Communication Data (SMS & Email)

  • Phone number (if you opt in to SMS reminders)
  • SMS consent timestamp and opt-in record
  • Email reminder consent status
  • Timezone preference (for TCPA quiet-hours compliance)

SMS messages are delivered via Twilio Inc. Transactional emails are delivered via Resend Inc. Message and data rates may apply. You may opt out at any time by replying STOP to any SMS or clicking the unsubscribe link in any email.

2.6 Children Hub Data (Guardian-Managed)

  • Child profile identifiers (first name or nickname, age, avatar)
  • Schedule and calendar information entered by a parent or legal guardian
  • Chores, allowances, and gift tracking entered by a parent or legal guardian
  • Event locations (manually entered — we do not collect GPS or real-time location)

No child information is collected before a parent or legal guardian provides affirmative consent and confirms they are 18 or older.

2.7 Subscription & Billing Data

Subscription and payment processing is handled by Stripe, Inc. We store your Stripe customer ID, subscription ID, plan tier, and billing status. We do not store full credit card numbers. Stripe's Privacy Policy governs payment data at stripe.com/privacy.

2.8 Automatically Collected Information

  • IP address (used for security and fraud prevention)
  • Browser type and device information
  • Session authentication tokens (server-side, expiring)
  • General usage data and error logs

We do not currently respond to browser “Do Not Track” signals, as no uniform industry standard for compliance exists.

Certain financial account and transaction information may be considered “sensitive personal information” under applicable law. We use such information solely for providing, securing, and improving the Service and do not use it for advertising purposes.

2A. Categories of Personal Information Collected (CCPA/CPRA)

In the preceding 12 months, we have collected the following categories of personal information as defined under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):

  • Identifiers: name, email address, phone number, IP address, account username.
  • Commercial Information: subscription status, billing records, transaction history entered by users.
  • Financial Information: income data, expense data, debt balances, savings information, bank transaction data (if connected via Plaid).
  • Internet or Electronic Activity Information:device information, browser type, usage logs, session data.
  • Geolocation Data (Limited): general city/state information derived from IP address for security and localization.
  • Sensitive Personal Information: financial account and transaction data voluntarily provided or authorized by users.

We collect this information directly from you, from your connected financial institutions (if authorized), and from service providers necessary to operate the Service.

We use and disclose this information solely for legitimate business purposes described in this Privacy Policy. We do not sell personal information and we do not share personal information for cross-context behavioral advertising.

3. How We Use Your Information

  • Provide, operate, and maintain the Service
  • Authenticate accounts and prevent unauthorized access and fraud
  • Process subscription payments and manage billing
  • Send bill reminders, verification codes, and service-related communications
  • Enable advisor-client workflow features (Elite plan)
  • Enable guardian-managed scheduling and children's features
  • Generate automated insights from your own data
  • Process receipt images via AI OCR to extract transaction details (Premium & Elite; images not retained after processing)
  • Improve Service functionality, reliability, and security
  • Comply with applicable laws and legal obligations

We do not use your financial data for advertising, sell it to third parties, or use it to train machine learning models without your explicit consent. Receipt images transmitted to OpenAI are processed under OpenAI's API terms, which do not use API inputs to train models by default.

4. Third-Party Service Providers

We share data with the following service providers only as necessary to operate the Service:

ProviderPurposeData Shared
Plaid TechnologiesBank account connectivity (read-only)Access tokens; no credentials stored
Stripe, Inc.Subscription billing and payment processingEmail, billing info; no full card numbers stored by us
Twilio Inc.SMS bill reminders (opt-in only)Phone number, message content
Resend Inc.Transactional email deliveryEmail address, message content
Vercel Inc.Application hosting and deliveryRequest data, IP address (for security)
OpenAI, LLCAI-powered receipt OCR scanning (Premium & Elite only)Receipt image (transmitted for processing only; not stored by us or used to train OpenAI models under default API terms)

We do not sell personal information and we do not share personal information for cross-context behavioral advertising.

5. Parental & Guardian Consent (COPPA)

Family scheduling and Children Hub features remain locked until a parent or legal guardian confirms they are 18 or older, provides affirmative consent, and submits their full legal name as a consent record. No child information is collected before consent is given. Guardians may delete child profiles or revoke consent at any time through account settings.

We do not knowingly collect personal information from children under 13 without verifiable parental consent. If you believe we have inadvertently collected such information, please contact us at privacy@wealthinsightsync.com and we will delete it promptly.

6. Data Storage and Security

  • All data transmitted over HTTPS/TLS encryption
  • Data at rest encrypted where supported by our hosting provider
  • Passwords stored as one-way cryptographic hashes (never in plaintext)
  • Session tokens are server-side with automatic expiry
  • Role-based access controls limit who can view client data
  • Plaid access tokens stored securely; banking credentials never stored

Data Breach Notification: In the event of a security breach that affects your personal information, we will notify affected users within 72 hours of becoming aware of the breach (or as required by applicable law) via the email address on your account.

7. Data Sharing and Disclosure

We may disclose your information only in the following circumstances:

  • To service providers listed in Section 4, strictly for delivering the Service
  • To comply with a legal obligation, court order, or government request
  • To protect the rights, property, or safety of WealthInsightSync, our users, or the public
  • In connection with a merger, acquisition, or sale of assets (with prior notice)

We do not sell personal information and we do not share personal information for cross-context behavioral advertising as defined under the California Consumer Privacy Act (CCPA/CPRA). Child and family scheduling data is never used for advertising purposes.

8. Data Retention

  • Active account data: Retained for the duration of your account
  • After account deletion: Personal data purged within 30 days, except where retention is required by law
  • Billing records: Retained for 7 years as required by financial regulations
  • SMS consent records: Retained for 4 years from opt-in date (TCPA requirement)
  • Security logs: Retained for 90 days

You may request deletion of your account and personal data at any time through your account settings or by emailing privacy@wealthinsightsync.com.

9. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data ("right to be forgotten")
  • Portability: Request your data in a portable, machine-readable format
  • Objection: Object to processing of your data for certain purposes
  • Opt-out of SMS/Email: Reply STOP to any SMS or use the unsubscribe link in any email

Data portability scope: Data portability requests generally apply to information you have provided to us in a structured, commonly used, machine-readable format where technically feasible.

California residents (CCPA/CPRA): You have the right to know what personal information is collected and to request deletion and correction of certain information. You also have the right to opt out of the sale or sharing of personal information (we do not sell personal information and we do not share personal information for cross-context behavioral advertising), and to non-discrimination for exercising your rights.

To exercise any of these rights, contact us at privacy@wealthinsightsync.com. We will respond within 30 days.

10. Children & Teens

Accounts for individuals under 18 are guardian-managed. Children and teens do not create independent accounts. All data related to minors is entered and controlled solely by the account holder (parent or legal guardian).

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice in the Service at least 14 days before they take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

12. Contact Us

Privacy inquiries: privacy@wealthinsightsync.com

Mailing address: 340 S Lemon Ave, Walnut, CA 91789

Response time: within 30 days of receipt

← Back to Home