Privacy Policy

1. Our principles

We collect the minimum information needed to run the Service and we do not sell or rent your personal data. Specifically:

• We do not sell your data.Not to advertisers, not to data brokers, not to “partners.”
• We do not train AI models on your personal data. Your portfolios, queries, and research history are not used to train any model, ours or our providers'.
• We do not share your data with third parties for marketing purposes.
• Brokerage access is read-only. We cannot and do not initiate trades or move money.

2. Information we collect

a. You provide directly

• Email address, name, and password (hashed) on sign-up.
• Waitlist entries (email, optional name and portfolio size).
• Profile preferences: risk tolerance, goals, horizon (optional).
• Research queries (tickers you analyze) and portfolio review requests.

b. Automatically collected

• IP address, browser/user-agent, device type — for security, rate limiting, and abuse prevention.
• Session cookies — to keep you signed in. We do not use third-party tracking or advertising cookies.
• Rate-limit counters keyed by user ID and IP.
• Usage counters (token consumption, estimated spend, query volume) for plan-limit enforcement.

c. From brokerage integrations (if you link)

Brokerage linking is read-only— we cannot and do not initiate trades or move money. Linking requires your explicit authorization through the brokerage’s own login screen. We use two services, with a Plaid-first policy:

• Via Plaid Investments (primary)— holdings and investment-transaction data for Schwab, Fidelity, Vanguard, Robinhood, E*TRADE, Merrill, SoFi, Webull, and the large majority of US brokerages. We use Plaid’s Investments product only. We do not use Plaid Bank Accounts, Net Worth, Credit Cards, Loans, Liabilities, Enrich, or Recurring Transactions — we never receive your checking, savings, credit card, or loan data. Your brokerage login credentials are exchanged directly between you and Plaid; we receive only an encrypted access token scoped to investment-account data.
• Via SnapTrade (fallback)— used only for institutions Plaid doesn’t cover, primarily crypto exchanges (Coinbase, Kraken, Gemini) and a handful of non-US/alt brokers (Questrade, Wealthsimple). Same read-only posture; we never receive your brokerage login credentials. SnapTrade holds the authorization on your behalf and we store an encrypted user secret that lets us query your data.
• We retrieve and store your broker transaction history (buys, sells, dividends, fees, splits, transfers) for up to the depth your broker permits, currently as far back as 24 months for most institutions and approximately 4 years for Charles Schwab.
• We never store your broker account numbers or login credentials. Account references use opaque aggregator IDs from SnapTrade or Plaid.

d. From AI providers

• We send prompt content (including your queried ticker and the verified public data block) to Anthropic, OpenAI, and Google Cloud for inference. We do not send your email, name, or other identifiers in these prompts.

3. How we use your information

• To operate the Service — authentication, running analyses, syncing holdings, rendering the UI.
• To protect the Service — rate limiting, abuse detection, fraud prevention.
• To enforce usage caps — stopping a user from accidentally running up a large AI bill.
• To maintain a personal track record — every recommendation is stored so we can show you how our past calls played out.
• To contact you about your account, security issues, or material Service changes.
• To comply with law and respond to valid legal process.
• We use this data only to power your performance chart and analysis surfaces. We do not share it with third parties, do not sell it, and do not use it for advertising.
• Past transaction outcomes are informational only. Not investment advice. Not a guarantee of future performance.

4. Sub-processors we rely on

We share information with the following processors solely to run the Service:

• Neon — Postgres database hosting.
• Vercel — web hosting, serverless compute, logs.
• Anthropic — Claude model inference.
• OpenAI — GPT model inference.
• Google Cloud (Vertex AI) — Gemini model inference.
• Plaid — primary brokerage account linking, Investments scope only (Schwab, Fidelity, Vanguard, Robinhood, E*TRADE, Merrill, SoFi, Webull, and most US brokerages).
• SnapTrade— fallback brokerage linking for institutions Plaid doesn’t cover (crypto exchanges such as Coinbase and Kraken, plus a few non-US brokers).
• Resend — transactional email (verification, password reset, waitlist confirmation).
• SEC, FRED, Yahoo Finance — public data sources. These providers do not receive identifying information from us.

Each processor's own privacy policy governs how they handle data on our behalf.

5. Security

• Encrypted connections (HTTPS / TLS 1.2+) for all traffic.
• Passwords are hashed using industry-standard algorithms (Better Auth default: scrypt).
• Brokerage user secrets and access tokens (SnapTrade, Plaid) are encrypted at rest using AES-256-GCM.
• Optional two-factor authentication (TOTP) — available in your account settings.
• Rate limiting and authentication on all sensitive endpoints.
• Access to production data is limited to authorized engineering staff.
• Transaction data is encrypted at rest (database-level via AWS KMS) and in transit (TLS 1.3). Free-text broker memos are additionally encrypted at the application layer with AES-256-GCM.
• We retain transaction history while your ClearPath account is active. Account deletion purges from primary systems immediately and from database backups within 30 days.

Our full information-security program — including access control, encryption practices, sub-processor vetting, and incident response — is documented in our Information Security Policy.

No system is perfectly secure. In the event of a breach that affects your information, we will notify you as required by applicable law.

6. Retention

• Account data is retained for as long as your account is active.
• Recommendations and outcome history are retained indefinitely (they are the core track-record product). You can request deletion (see §10).
• Logs (server, rate-limit buckets) are retained for no more than 90 days.
• Inactive accounts may be purged after 24 months of inactivity following a notice email.

7. Cookies

We use only essential cookies needed for session management and security. We do not use third-party advertising, analytics, or fingerprinting cookies. By default we respect “Do Not Track” signals.

8. Children

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a minor has provided information, contact us and we will delete it.

9. International users

The Service is hosted in the United States. If you access it from outside the U.S., you consent to the transfer of your information to the U.S. for processing as described in this Policy. We do not currently offer the Service in the European Economic Area or the United Kingdom in a manner targeting residents there.

10. Your rights

You have the right to:

• Access — request a copy of the personal data we hold.
• Correction — ask us to correct inaccurate data.
• Deletion — delete your own account directly from Account Settings at any time. A single-click account deletion cascades to your holdings, brokerage connections, research history, and personal notes. Subject to limited retention for legal or fraud-prevention reasons.
• Export — receive a machine-readable export of your portfolio, history, and preferences.
• Opt-out of marketing — at any time via the unsubscribe link in any email.
• You can export all stored transaction data as CSV at any time from Settings → Data & Privacy.
• You can purge transaction history from any individual broker connection at any time, while keeping your current holdings.

Exercise any of these rights by emailing privacy@clearpath-invest.com.

11. California residents (CCPA)

California residents may request (a) the categories and specific pieces of personal information we have collected about them, (b) the categories of sources, (c) the business purposes for collection, and (d) the categories of third parties with whom we share. We do not sell personal information. California residents may also ask us to delete personal information, subject to legal exceptions.

Data Vendors

ClearPath relies on the following service providers, each with their own privacy practices:

• SnapTrade — brokerage data aggregation
• Plaid — investments transactions and holdings
• Neon — Postgres database hosting (data encrypted at rest via AWS KMS)
• Vercel — application hosting and CDN

Breach Notification

In the event of a data breach affecting 500 or more individuals, we will notify the U.S. Federal Trade Commission and affected users in writing within 30 days of detection, in compliance with the Gramm-Leach-Bliley Act Safeguards Rule.

12. Changes

We may update this Policy. If changes are material, we will notify you by email or via the Service. The date at the top reflects the most recent update.

13. Contact

Questions? privacy@clearpath-invest.com. See also our Terms and Disclosures.