Privacy Policy
Your financial data is yours. Always.
This policy describes how WealthTrack collects, stores, and protects your information. It applies globally and is aligned with the GDPR (EU), CCPA (California), DPDP Act 2023 (India), and PDPA (Singapore/Thailand). Last updated: March 2026 · Version 3.3.
Plain-language summary: Your financial data (assets, liabilities, transactions, goals, budgets) is encrypted inside your browser and never transmitted to any server. The only personal information we hold on our servers is your email address, subscription status, and encrypted session tokens. We have no ability to read your financial records. No ads. No profiling. No selling your data. Ever.
1. Who We Are (Data Controller)
WealthTrack is operated by AIVibe Studio. For privacy-related enquiries or to exercise your data rights, contact us at: privacy@aivibestudio.com or via the in-app support form (Settings → Support). We aim to respond to all data rights requests within 30 days.
2. What Data We Collect and Why
We collect the minimum necessary to operate the service. The table below describes every category of personal data we process:
- Email address: Collected at registration. Used for account authentication, email OTP verification, and account recovery communications. Legal basis: contract performance (GDPR Art. 6(1)(b)); consent (DPDP Section 6).
- Subscription & billing status: Plan tier (Free / Pro), subscription dates, payment status. Used to gate features and process renewals. We do not store card numbers; payment processing is handled by a PCI-DSS compliant third-party processor.
- JWT session tokens: Issued at login. Stored as httpOnly cookies. Used to authenticate your session. Expire after 7 days of inactivity. Not accessible by JavaScript.
- Email verification & account metadata: Whether your email is verified, your account creation timestamp, your role (user/admin), and 2FA enabled status. Stored to manage account security.
- Support requests: If you submit a support message or feedback, that content is stored encrypted and is visible only to authorised platform administrators.
What we do NOT collect: your financial data (assets, liabilities, income, expenses, goals, bills, budgets, snapshots), your vault passphrase, your encryption key, your device information, your IP address beyond what is logged at the network/CDN layer for DDoS protection, your browser fingerprint, behavioural analytics, or advertising identifiers. None of this data is ever sent to our servers.
3. Zero-Knowledge Architecture
All financial data you enter is encrypted inside your browser before it touches the network, using AES-256-GCM with a key derived from your vault passphrase via PBKDF2 (100,000 iterations, SHA-256). The passphrase is never stored or transmitted in any form. The encrypted blob stored on our server is mathematically indistinguishable from random data without your passphrase.
- Vault passphrase: Never stored. Exists only in your browser's memory for the duration of your active session.
- Encryption key: Derived client-side. Never written to disk, never transmitted.
- TOTP 2FA secret: Stored encrypted within your vault blob. Inaccessible without your passphrase.
- Encrypted vault blob: Stored on our servers as opaque ciphertext. Our administrators cannot read it.
- AI API keys (if used): Stored encrypted in your local vault. Never sent to WealthTrack servers.
4. Data Retention
- Account data (email, subscription, status): Retained for the duration of your account plus 90 days after deletion to allow recovery. Permanently purged thereafter.
- Encrypted vault blob: Retained while your account exists. Deleted within 30 days of account deletion.
- Session tokens (JWT): Expire automatically after 7 days. Purged from server on logout.
- Support & feedback submissions: Retained for up to 12 months then purged, unless required for ongoing investigations.
- Server access logs (CDN/hosting): Standard infrastructure logs retained for 30 days for security and abuse monitoring. Not linked to your identity.
5. Your Rights
Depending on your jurisdiction, you have the following rights regarding your personal data. To exercise any of these, contact privacy@aivibestudio.com or use Settings → Support in-app.
- Right of Access (GDPR Art. 15 / CCPA / DPDP Sec. 11): Request a copy of all personal data we hold about you. We will provide this within 30 days in a portable format (JSON).
- Right to Rectification (GDPR Art. 16): Correct inaccurate personal data (e.g., email address). You can update your email directly in Settings.
- Right to Erasure / Deletion (GDPR Art. 17 / CCPA / DPDP Sec. 13): Request deletion of your account and all associated data. We will process this within 30 days. Note: your encrypted vault blob will also be deleted. Ensure you have exported your data first.
- Right to Data Portability (GDPR Art. 20 / CCPA): Export your financial data at any time via Settings → Import/Export (CSV or JSON). Account metadata can be requested by emailing us.
- Right to Restrict Processing (GDPR Art. 18): Request that we limit how we process your data while a dispute is pending.
- Right to Object (GDPR Art. 21): Object to processing where our legal basis is legitimate interest.
- Right to Withdraw Consent (DPDP Sec. 6 / GDPR Art. 7(3)): Where processing is based on consent, you may withdraw it at any time. This does not affect lawfulness of prior processing.
- California Residents (CCPA): You have the right to know, delete, and opt out of the sale of personal information. We do not sell, rent, or share personal information for cross-context behavioural advertising.
- Indian Residents (DPDP Act 2023): You have rights as a Data Principal to access, correct, and erase your personal data. You may nominate a representative to exercise these rights on your behalf.
If you are unsatisfied with our response, you have the right to lodge a complaint with your local supervisory authority (e.g., your country's Data Protection Authority, the California Privacy Protection Agency, or India's Data Protection Board).
6. Third-Party Services
- Railway (hosting) & Vercel (CDN): Our backend and frontend are hosted on Railway and Vercel respectively. Standard infrastructure access logs (IP addresses, request timestamps) are processed by these providers under their own privacy policies and data processing agreements (DPAs). We have data processing agreements in place with both.
- Cloudflare (DNS & DDoS protection): Traffic passes through Cloudflare for DNS resolution and DDoS mitigation. Cloudflare may process IP addresses per their privacy policy.
- Resend (transactional email): Email OTPs and account notifications are sent via Resend. Your email address is shared with Resend solely to deliver transactional messages.
- Backblaze B2 (encrypted backup): Encrypted vault backups are stored in Backblaze B2. All data is encrypted client-side before upload; Backblaze cannot read your data.
- AI providers (Claude / OpenAI / Gemini, optional): Only activated if you enter an API key and trigger analysis. The stock ticker you query is sent to the provider. No financial data is involved. Your API key is stored only in your local encrypted vault.
- Google Fonts / CDN fonts: Display fonts loaded from CDN involve a standard HTTP request subject to the provider's privacy policy.
- Plausible Analytics: We use Plausible to measure aggregate site traffic (page views, visitor counts, referral sources). Plausible is cookieless, does not track individuals, does not use fingerprinting, and does not share data with advertising networks. No personal data is collected or processed. See plausible.io/privacy.
We do not use advertising networks, social media tracking pixels, or behavioural profiling services. Our analytics tool (Plausible) is cookieless and collects only anonymous, aggregate statistics.
7. Cookies & Local Storage
WealthTrack uses the following storage mechanisms and no others:
- httpOnly session cookie: Issued at login to maintain your authenticated session. Not accessible to JavaScript. Expires after 7 days of inactivity. Used for authentication only.
- Encrypted server vault (Neon DB via Railway): Your AES-256-GCM encrypted vault blob is stored on our server so you can access your data from any browser or device. The server receives only the encrypted blob and your PBKDF2 salt — it never sees your passphrase or your financial data in plaintext.
- IndexedDB (local cache): A copy of your encrypted vault is cached in your browser for faster access on your registered device. This cache is a convenience layer only; your data is always recoverable from the server using your passphrase.
- localStorage (minimal): Used to cache your vault key-derivation salt as a convenience fallback. This salt is a non-secret cryptographic input and contains no personal or financial data.
We do not use advertising cookies, tracking cookies, or analytics cookies. No third-party cookies are set by WealthTrack.
8. Data Security & Breach Notification
We implement the following technical and organisational measures to protect your data: AES-256-GCM encryption at rest for vault data, TLS 1.3 in transit, httpOnly/SameSite=Strict session cookies, bcrypt hashing for any stored credentials, and least-privilege access controls for infrastructure.
In the event of a personal data breach affecting your account data (email, subscription status), we will notify you via email and the relevant supervisory authority within 72 hours of becoming aware of the breach, in accordance with GDPR Art. 33–34. Note that even in a worst-case breach of our servers, your financial data remains protected by your vault passphrase, which we do not hold.
9. International Data Transfers
Our infrastructure is primarily hosted in data centres that may be located in the EU, US, or Asia-Pacific depending on your region. For users in the EU/EEA, transfers to third countries are governed by Standard Contractual Clauses (SCCs) with our hosting and email service providers. For users in India, transfers are consistent with the DPDP Act 2023 framework. We will update this section as global data transfer regulations evolve.
10. Children's Privacy
WealthTrack is not directed at children under the age of 16 (or 13 in jurisdictions where a lower age applies). We do not knowingly collect personal data from minors. If you believe a minor has registered, contact privacy@aivibestudio.com and we will delete the account promptly.
11. Changes to This Policy
The zero-knowledge architecture is permanent and will never change. Your financial data is encrypted inside your browser with a key only you hold, and it will never be transmitted to our servers, not now, not in any future version of WealthTrack. This is not a policy clause that can be quietly revised. Any version of this application that removed client-side encryption would not be WealthTrack. We make this an unconditional commitment to every user.
For non-architectural updates (e.g., new third-party service providers, updated retention periods, or clarifications), we will increment the version number and "last updated" date above. If the changes are material to your rights, we will notify you by email at least 14 days in advance. Continued use of the service after the notice period constitutes acceptance of the updated terms.
12. Contact & Data Rights Requests
To exercise any of your data rights, submit a complaint, or ask questions about this policy:
- Email: privacy@aivibestudio.com
- In-app: Settings → Support → Account & Access issue
- Response time: We acknowledge requests within 5 business days and resolve them within 30 days (extendable by 60 days for complex requests, with notice).
Privacy Policy · WealthTrack v3.3 · Last updated March 2026 · GDPR · CCPA · DPDP Act 2023 · PDPA · This policy is legally effective and applies to all users globally.