Last updated: April 2026
We collect: (a) account information (name, email, organization), (b) client data you input (portfolios, holdings, goals, risk profiles), (c) conversation history with AI agents, (d) usage analytics (pages visited, features used), and (e) LLM token usage for billing.
Your data is used to: (a) provide AI-powered financial analysis, (b) maintain conversation context and agent memory across sessions, (c) improve response quality through autoresearch scoring, (d) enforce organization-level token budgets, and (e) generate compliance audit trails.
All data is stored in Postgres (hosted on Supabase) with row-level security scoped by organization. Authentication is handled by Supabase Auth with encrypted sessions. API keys for LLM providers are stored encrypted and scoped to your organization.
WealthStack is multi-tenant. Every database row carries an organization ID. Data from one organization is never accessible by another. AI agent memories are scoped per-agent per-organization.
When you use AI agents, your queries are sent to LLM providers (Anthropic, Google, Groq, Cerebras, OpenAI). These providers process queries in real-time and do not retain conversation data beyond the request. We use prompt caching to reduce redundant data transmission.
WealthStack uses Mem0 for semantic memory — facts learned during conversations are stored as vector embeddings for retrieval. This enables cross-session and cross-agent context. Memory is scoped per-organization and can be deleted on request.
We use: Supabase (auth, database), Vercel (hosting), Railway (browser sidecar), Tavily (web search), Mem0 (semantic memory), and Sarvam AI (voice). Each service has its own privacy policy and processes only the data necessary for its function.
Conversation history is retained indefinitely unless deleted by the user. Agent memories expire based on research cadence (7-60 days for autoresearch findings). Harness analytics events are retained for 90 days. You can request data deletion at any time.
You have the right to: (a) access your data, (b) request correction of inaccurate data, (c) request deletion of your account and all associated data, (d) export your data in a standard format, and (e) opt out of semantic memory collection.
For privacy inquiries or data deletion requests, contact us at privacy@wealthstack.app.