Skip to main content
Wealth Recon
Apply for access

1. Scope

This Privacy Policy describes how Wealth Recon collects, uses, shares, and protects personal information. It applies to two distinct populations:

  • Advisor users: licensed financial advisors who hold a Wealth Recon account and use the application to generate prospect-research dossiers.
  • Dossier subjects: the individual humans whose names, household compositions, professional histories, and wealth signals are surfaced in Wealth Recon dossiers. Subjects do not hold a Wealth Recon account; they may interact with Wealth Recon only through the privacy-request channels described below.

Wealth Recon honors the strictest United States state privacy obligations regardless of subject or advisor user location, anchored by California's Consumer Privacy Act, Colorado's Privacy Act, Virginia's Consumer Data Protection Act, and Connecticut's Data Privacy Act. The privacy-law watchlist at docs/operations/privacy-law-watchlist.md (internal) is reviewed quarterly to keep this floor current as the United States state-privacy landscape moves.

2. Information we collect about advisor users

When you sign up for a Wealth Recon account, we collect: full name, firm, account email address, work email address, optional Central Registration Depository number, optional LinkedIn Uniform Resource Locator. We collect verification results from FINRA BrokerCheck and the Securities and Exchange Commission Investment Adviser Public Disclosure database, plus a work-email-domain match outcome.

When you use Wealth Recon, we collect: your dossier requests, your inline edits to dossier content, your advisor-profile fields that drive Connection Pathways (alma maters, military service, professional memberships, geographic markets), your billing information through Stripe, your access patterns (login timestamps, page visits within the gated app), and any messages you send to support, privacy, or admin email addresses.

We do not collect or store your password directly; Supabase Auth handles authentication and stores hashed credentials.

3. Information we collect about dossier subjects

The dossier subject's name, location, employer, professional history, public wealth signals, household composition, philanthropic activity, board service, public political contributions, public real estate holdings, public-company equity, and other categories documented in master spec Section 8 are collected exclusively from publicly available sources. Sources include Securities and Exchange Commission filings, court records, real estate records, regulatory disclosures, news, professional history sources, and similar public-web surfaces.

We do not buy data from breach markets. We do not pay third parties operating outside the law. We do not access medical or health records (with the narrow exception of voluntary public disclosure by the subject themselves), beneficial-ownership reports filed with the Financial Crimes Enforcement Network, social media of minor children, or any source restricted by federal statute.

When an advisor in your firm-tenant corrects a fact in a dossier, the corrected fact is stored against the subject's canonical Master Person Index record with provenance: the advisor identifier, the timestamp, and the corrected-flag indicator. The corrected fact may inform future dossiers on the same subject across other firm-tenants in aggregated, anonymized form per the cross-tenant data-sharing language in our Terms of Service.

4. How we use the information

For advisor users, we use your information to authenticate your account, deliver the dossier generation pipeline, surface your Connection Pathways across the prospects in your tenant, render the in-app reader and the downloadable Portable Document Format and Comma-Separated Values exports, bill your subscription through Stripe, deliver transactional emails, deliver the onboarding drip-email sequence and product-update emails (you may opt out of marketing emails through your account preferences), and run aggregated product-analytics through Plausible Analytics on the marketing site (the gated app uses Sentry for error tracking only; Plausible Analytics excludes the gated app and the privacy-request page).

For dossier subjects, we use your information to surface a research artifact that licensed advisors use in prospect-evaluation workflows. We do not sell your data, do not use it for marketing, and do not use it to contact you outside the privacy-request channel you have initiated.

5. How we share the information

Within Wealth Recon, advisor users at the same firm-tenant share access to dossiers generated within that tenant per the master spec's tenant-wide visibility rule. Advisors at different firms do not see each other's dossiers, requests, or edit history, except through the anonymized Master Person Index aggregation described in Section 3 above.

Wealth Recon shares advisor-user information with third-party service providers to operate the application:

  • Stripe for payment processing.
  • Supabase for database, authentication, and object storage.
  • Vercel for hosting and content delivery.
  • Inngest for background job orchestration.
  • Anthropic, Google, Perplexity, xAI for the large-language-model agent pipeline. None of these providers retain your dossier output or your inline edits beyond the immediate request-response cycle; pipeline calls are made through application-programming-interface keys held in our environment-variable store, and the providers' published privacy policies govern their handling of the call payloads.
  • Sentry for error monitoring.
  • Cloudflare for content-delivery, CAPTCHA, and email-routing services.
  • Plausible Analytics for marketing-site analytics (cookie-free, no personal information).
  • FINRA BrokerCheck and the Securities and Exchange Commission Investment Adviser Public Disclosure database for signup verification (one-way query; we do not transmit any information to these databases beyond the Central Registration Depository number you submit).

Wealth Recon shares dossier-subject information only with advisor users at the requesting firm-tenant and within the anonymized Master Person Index aggregation. Wealth Recon does not sell dossier-subject data to any third party.

6. Subject rights

If you are the subject of a Wealth Recon dossier, you have the following rights regardless of where you reside in the United States:

  • Access: request a human-readable export of every record Wealth Recon holds on you, plus the access log of every advisor query that touched your record. Operational target: 21 calendar days from a verified intake.
  • Deletion: request that Wealth Recon delete every record keyed to your identity and apply a permanent do-not-process flag preventing future dossier generation on you. Operational target: 14 calendar days.
  • Correction: request that Wealth Recon correct a wrong fact in our records. Operational target: 21 calendar days.
  • Do-not-process: request that Wealth Recon never generate a future dossier on you. Operational target: 7 calendar days.

The primary channel for any of these requests is the form at https://wealthrecon.com/privacy. Identity verification runs in two stages: a confirmation email loop, plus, on deletion, correction, or do-not-process requests, a documentary-identification check when the public record does not unambiguously identify you. Identity documents are reviewed, used to confirm identity, and then deleted from Wealth Recon's systems within seven calendar days. Identity documents are never used to enrich the contact intelligence layer.

The secondary channel is privacy@wealthrecon.com. The tertiary channel is the physical mailing address listed below.

We do not charge a fee for processing any of these requests. We do not retaliate against any subject for exercising these rights. Subjects whose deletion or do-not-process requests are honored may rescind those requests at any time through the same form.

7. Advisor-user rights

Advisor users have all subject rights above (treating themselves as subjects), plus the following account-level rights:

  • Update your account information through the Account page in the gated app.
  • Export your tenant's data (your account record, your dossier list, your inline edits, your advisor profile) through the Account page; an automated export delivers within one business day.
  • Cancel your subscription through the Stripe Customer Portal at any time.
  • Opt out of non-transactional emails (the onboarding drip sequence, the product-update sequence) through the unsubscribe link in any such email or through the Account page.

8. Data retention

We retain advisor-user account information for the duration of your active subscription plus a 12-month archive window after cancellation, after which the records are deleted. Dossier artifacts (the styled Portable Document Format, the dossier JavaScript Object Notation, the Comma-Separated Values export) are retained indefinitely while you remain an active customer; they archive for 12 months after cancellation, then delete.

Subject identity records and household records are retained for 24 months from the date of last use, after which they auto-purge unless a recent dossier reference keeps them in active state. Master Person Index entries inherit the longest retention of any reference to the underlying fact.

Audit-log entries and the minimized record retained after a subject deletion (request identifier, deletion date, source manifest at time of deletion) are retained indefinitely as a regulatory-defense record per the operational and legal sub-spec.

9. Security

Wealth Recon encrypts data at rest using AES-256 with keys held in Supabase's key management service, with key rotation on a 90-day schedule. Connections between the application and storage use Transport Layer Security version 1.3. Connections to third-party source providers use Transport Layer Security version 1.3 or the strongest version the provider supports.

Access controls are scoped tightly. Bryce Randall, as solo founder and operator, has full administrative access to the operational store. No other human has standing access at V2 launch. Future engineers and operators will receive role-scoped access under least-privilege controls.

The Wealth Recon team will respond to any suspected data incident within 72 hours of discovery. Notification to affected advisor users and dossier subjects, where required by law, will follow the relevant state-specific notification rules.

10. Children's privacy

Wealth Recon is not directed at and does not knowingly collect personal information from individuals under 18. The signup gate restricts access to licensed financial advisors. Dossier subjects who are minors are excluded from the engine; the methodology rules suppress dossier generation on subjects under 18.

11. International users

Wealth Recon is operated from the United States and is intended for use by United States-based licensed financial advisors. We do not market Wealth Recon outside the United States. If you access Wealth Recon from outside the United States, your information will be transferred to and processed in the United States, where data-protection laws may differ from those in your home jurisdiction.

12. Changes to this Privacy Policy

Wealth Recon may amend this Privacy Policy from time to time. Material amendments will be notified through the email address on your account, and a banner will surface on the in-app reader for thirty days following the change. Non-material amendments will be reflected in the version date at the top of this document.

13. Contact

For privacy questions or requests, contact privacy@wealthrecon.com or use the form at https://wealthrecon.com/privacy.

For other support questions, contact support@wealthrecon.com.

Physical mailing address: Wealth Recon, c/o Polsky Exchange North, 1452 E. 53rd St., 2nd Floor, Chicago, IL 60615.

End of Privacy Policy draft.