1. Introduction & Scope
WealthGuard Financial Technologies Inc. ("WealthGuard", "we", "us", or "our") respects your privacy and is committed to safeguarding the personal and financial information you share with us. This Privacy & Data Handling Policy explains how we collect, use, process, store, and protect your data when you use our website, mobile applications, advisory services, and client portals.
Applicability: This policy applies to all individual clients, prospective clients, and users accessing WealthGuard services. It complies with the Gramm-Leach-Bliley Act (GLBA), GDPR, CCPA/CPRA, and applicable financial regulatory standards.
By using our services, you acknowledge that you have read, understood, and agree to the practices described in this policy. We recommend reviewing this document periodically, as we may update it to reflect changes in technology, law, or our operational practices.
2. Information We Collect
We collect and process information to provide secure financial planning, investment management, and regulatory compliance. The data we collect falls into the following categories:
| Category | Examples | Purpose |
|---|---|---|
| Identity & Contact | Full name, date of birth, government ID, email, phone, residential address | d>Account verification, communication, KYC/AML compliance|
| Financial & Transactional | Income, net worth, bank account/routing numbers, SSN/Tax ID, investment history, credit reports | d>Wealth planning, portfolio management, tax optimization|
| Technical & Usage | IP address, device type, browser logs, session cookies, clickstream data, API usage metrics | d>Platform security, performance optimization, fraud detection|
| Biometric & Authentication | FaceID, fingerprint scans, multi-factor authentication tokens | d>Secure account access, regulatory identity verification
We only collect information that is strictly necessary for delivering our services, ensuring regulatory compliance, and maintaining platform security. We do not collect sensitive health data, political affiliations, or religious beliefs unless explicitly required for specific estate planning services.
3. How We Use Your Data
Your information is processed for the following legitimate and contractual purposes:
- Service Delivery: Executing investment transactions, generating financial plans, tax calculations, and retirement projections.
- Account Management: Verifying identity, processing withdrawals/deposits, and maintaining accurate client records.
- Regulatory Compliance: Satisfying KYC, AML, FATCA, CRS, and SEC/FINRA reporting obligations.
- Platform Security: Detecting fraudulent activity, monitoring unauthorized access attempts, and securing transactions.
- Improvement & Innovation: Analyzing aggregated, anonymized usage patterns to enhance user experience and develop new financial tools.
- Communication: Sending transaction confirmations, regulatory disclosures, market updates, and security alerts.
We do not sell your personal data to data brokers, advertisers, or third-party marketers. Any promotional communications can be opted out of at any time via your account preferences or the unsubscribe link in our emails.
4. Data Sharing & Third Parties
We share your information only when necessary, legally permitted, or with your explicit consent. Third-party processors are bound by strict Data Processing Agreements (DPAs) and undergo annual security audits.
Authorized Recipients:
- Custodial Banks & Brokerages: For trade execution and asset custody (e.g., Apex Clearing, State Street)
- Payment Processors: ACH, wire transfer, and card payment facilitators (PCI-DSS compliant)
- Credit & Identity Bureaus: For account verification and fraud prevention
- Cloud Infrastructure Providers: AWS/GCP for encrypted data storage and computing
- Legal & Regulatory Authorities: When required by subpoena, court order, or financial regulators
We do not share your data for marketing purposes. International transfers (if any) are safeguarded via Standard Contractual Clauses (SCCs) and comply with GDPR Chapter V requirements.
5. Security & Encryption
WealthGuard employs enterprise-grade security measures to protect your data against unauthorized access, alteration, or disclosure:
- Encryption: AES-256 for data at rest; TLS 1.3 for data in transit
- Authentication: Multi-factor authentication (MFA), hardware security keys, and adaptive risk-based login
- Infrastructure: SOC 2 Type II certified data centers with 24/7 physical and digital monitoring
- Access Controls: Role-based access (RBAC), least-privilege principles, and quarterly privilege reviews
- Testing: Regular penetration testing, bug bounty programs, and automated vulnerability scanning
Breach Notification: In the unlikely event of a confirmed data breach affecting your information, we will notify affected users and relevant authorities within 72 hours, as required by applicable law, and provide remediation guidance.
6. Your Rights & Choices
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of all personal data we hold about you in a portable format.
- Correction: Update or rectify inaccurate or incomplete information via your client portal.
- Deletion: Request erasure of your data, subject to legal retention obligations (financial records must be kept for 7 years).
- Restriction/Opt-Out: Limit processing for marketing or direct communications.
- Portability: Export your financial plans and transaction history in CSV/PDF formats.
- Complaint: Lodge a complaint with your local data protection authority if you believe your rights have been violated.
To exercise these rights, submit a verified request through your account dashboard or contact our Data Protection Officer directly. We will respond within 30 days.
7. Data Retention & Deletion
We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce agreements.
- Active Accounts: Data retained for the duration of your relationship with WealthGuard.
- Closed Accounts: Financial and transactional records are retained for a minimum of 7 years post-termination to satisfy IRS, SEC, and anti-money laundering requirements.
- Marketing Data: Retained until you opt out or 24 months of inactivity, whichever occurs first.
- Analytics Data: Aggregated and anonymized data may be retained indefinitely for product research.
Upon expiration of retention periods, data is securely deleted or permanently anonymized using NIST 800-88 compliant sanitization methods.
9. Children's Privacy
WealthGuard's services are intended for individuals aged 18 and older. We do not knowingly collect or process personal data from minors. If we discover that a minor has provided information without parental consent, we will promptly delete such data and terminate the account. Guardians opening custodial accounts on behalf of minors provide explicit consent and assume data responsibility.
10. Policy Updates
We may update this Privacy & Data Handling Policy to reflect changes in our services, technological advancements, or regulatory requirements. Material changes will be communicated via email, in-app notifications, or prominent website banners at least 30 days before implementation. Your continued use of our services after the effective date constitutes acceptance of the updated policy.
11. Contact Our Data Protection Officer
If you have questions about this policy, wish to exercise your data rights, or need assistance with privacy settings, please contact our dedicated privacy team:
WealthGuard Data Protection Office
DPO Name: Elena Martinez, CIPP/E | CIPM
Email: privacy@wealthguard.com
Phone: +1 (800) 555-0198 (Mon-Fri, 9AM-6PM EST)
Mailing: WealthGuard Financial Technologies Inc., 450 Market Street, Suite 2100, San Francisco, CA 94111, USA
You may also submit data requests via the Secure Client Portal for faster verification and processing.