Privacy Policy

Platform data handling, use, sharing, retention, and privacy rights.

Last updated: April 2026

Version: PRIVACY-2026-04

Scope and Application

This Privacy Policy describes how the platform collects, receives, stores, organizes, uses, shares, discloses, retains, and protects information in connection with your access to and use of the platform, any related services, and any electronic communications associated with those services.

This Privacy Policy applies to users, account holders, authorized users, visitors, applicants, business contacts, service providers, and other individuals whose information is processed through the platform. This Privacy Policy does not govern the privacy practices of advisors, brokers, custodians, issuers, counterparties, market data providers, or other third parties that operate independently of the platform.

The platform is a neutral technology infrastructure. The platform processes information to operate, secure, document, and improve system functionality. The platform does not process information for the purpose of making discretionary investment decisions, providing investment recommendations, or performing suitability analysis.

Information We Collect

We may collect the following categories of information, to the extent permitted by applicable law:

• Identity and profile data: name, business name, username, account identifier, role designation, title, organization, jurisdiction, and related profile details.
• Contact data: email address, mailing address, telephone number, support contact details, and notification preferences.
• Authentication and security data: passwords, hashed credentials, multi-factor authentication records, security tokens, access logs, device identifiers, IP addresses, browser information, operating system information, session details, and security event records.
• Account and relationship data: account status, linked service relationships, advisor or broker associations, permissions, authority designations, and administrative settings.
• Transaction and operational data: instructions, workflow actions, records of activity, timestamps, routing metadata, audit logs, event histories, platform interactions, and support or service records.
• Financial-related data: holdings-related data, account-related values, records supplied by brokers, custodians, or advisors, and other information necessary to display or process system functionality.
• Communications data: emails, messages, inquiries, support submissions, recorded calls where permitted by law, and other communications involving the platform.
• Technical and usage data: pages viewed, features used, clickstream data, approximate location based on IP address, crash data, diagnostics, performance data, and other analytics signals.
• Compliance and verification data: sanctions screening inputs, fraud-prevention indicators, due diligence records, dispute records, and documentation submitted for legal, regulatory, or security purposes.

We may also receive information from third parties, including advisors, brokers, custodians, service providers, analytics vendors, identity verification vendors, security vendors, and publicly available or legally available sources.

Sources of Information

We may collect information directly from you, automatically from your device or platform use, from service providers acting on our behalf, or from third parties connected to your use of the platform.

• Information you provide when you register, log in, communicate with us, upload content, configure settings, or use platform functions.
• Information collected automatically when you access or interact with the platform.
• Information received from linked service providers and third-party institutions connected to platform workflows.
• Information from fraud prevention, identity verification, sanctions screening, compliance, analytics, cloud, infrastructure, or customer support vendors.

How We Use Information

We may use information for legitimate operational, legal, business, and security purposes, including to:

• provide, operate, maintain, and improve the platform;
• authenticate users, maintain account security, and manage access permissions;
• display, organize, route, record, and process platform functionality and related workflows;
• maintain audit trails, logs, system history, and evidentiary records;
• communicate with you regarding your account, legal notices, updates, support, security, and service issues;
• detect, investigate, prevent, or respond to fraud, misuse, unauthorized access, sanctions concerns, abuse, disputes, or legal claims;
• comply with legal, contractual, regulatory, recordkeeping, and enforcement obligations;
• monitor performance, debug issues, conduct analytics, improve reliability, and develop new features;
• protect the rights, property, systems, records, users, personnel, and lawful interests of the platform and others.

We do not use your data to provide discretionary investment advice, to independently evaluate suitability for a transaction, or to make binding financial decisions on your behalf.

How We Share Information

We may share information as reasonably necessary for the operation, protection, and lawful administration of the platform. Categories of recipients may include:

• Affiliates and internal personnel for lawful operational, administrative, security, support, and compliance purposes.
• Service providers and processors that provide cloud hosting, infrastructure, analytics, customer support, communications, logging, security, audit, identity verification, compliance, data processing, and platform support services.
• Third-party institutions and connected parties such as advisors, brokers, custodians, counterparties, and other authorized entities where required by platform workflows, account relationships, instructions, permissions, or lawful operational requirements.
• Government authorities, regulators, courts, law enforcement, and legal process recipients where required or permitted by applicable law, subpoena, order, regulatory request, or lawful process.
• Business transfer participants in connection with a merger, acquisition, financing, restructuring, asset sale, or other corporate transaction, subject to applicable law.

We may also share aggregated or de-identified data that does not reasonably identify you, to the extent permitted by law, for analytics, service improvement, operational reporting, or business purposes.

Third-Party Services and Independent Controllers

The platform may interface with or display information from third-party institutions, applications, and services. Those third parties operate independently and may collect, use, share, retain, or disclose information under their own terms, notices, and privacy policies.

We are not responsible for the privacy practices, content, security, or data handling of any third party that is not under our control. You should review the privacy notices, agreements, and operational terms of each relevant third party.

Cookies, Tracking Technologies, and Analytics

We and our service providers may use cookies, pixels, local storage, session identifiers, log files, software development kits, and similar technologies to operate the platform and measure usage.

These technologies may be used to:

• authenticate users and maintain sessions;
• remember settings and preferences;
• measure performance, traffic, and feature usage;
• identify system issues and security anomalies;
• support fraud prevention, diagnostics, and reliability improvements.

Your browser or device may provide controls relating to cookies or similar technologies, but disabling certain technologies may affect platform functionality, access, security, or performance.

Communications, Monitoring, and Recordkeeping

We may send electronic communications, including legal notices, security alerts, service messages, confirmations, support responses, and administrative updates. We may monitor, review, record, retain, and analyze communications and platform interactions where permitted by law for security, support, compliance, quality assurance, training, dispute resolution, and evidentiary purposes.

You consent to such monitoring, review, recording, and retention to the extent permitted by law when you use the platform or communicate with us.

Data Retention

We retain information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including to provide services, maintain business and evidentiary records, comply with legal and regulatory obligations, resolve disputes, enforce agreements, maintain security, and protect rights and systems.

Retention periods may vary depending on the nature of the information, the sensitivity of the information, the purpose of processing, legal obligations, operational needs, and risk-management requirements. Audit logs, system records, consent records, legal notices, compliance materials, dispute records, and security records may be retained for extended periods where justified by law or legitimate business necessity.

Security

We use administrative, technical, and organizational safeguards designed to protect information from unauthorized access, use, disclosure, alteration, and destruction. These measures may include role-based access controls, encryption, authentication controls, logging, monitoring, vendor oversight, environment controls, and incident response processes.

No system, transmission method, network, or storage environment is completely secure. We do not guarantee that information will be secure in all circumstances, that unauthorized access will never occur, or that security measures will always prevent interception, loss, misuse, or compromise. You are also responsible for maintaining the confidentiality and security of your credentials, devices, systems, and account access methods.

Financial Privacy Notice

To the extent the platform receives or processes financial-related information in connection with services, that information may be used and shared as necessary to provide the platform, support lawful account functionality, maintain records, prevent fraud, enforce rights, comply with legal obligations, and operate with affiliated or unaffiliated service providers acting on our behalf.

We do not disclose personal financial information to non-affiliated third parties for their independent marketing purposes except as permitted by law, directed by the user, or otherwise authorized under an applicable agreement, notice, or legal requirement.

Where applicable, financial privacy practices may also be governed by separate notices, contractual arrangements, or jurisdiction-specific requirements.

California Privacy Rights

If you are a California resident, you may have rights under California law, subject to verification, exceptions, and limitations permitted by law. These rights may include the right to request access to categories and specific pieces of personal information collected about you, the right to request deletion of certain personal information, the right to request correction of inaccurate personal information, and the right to know categories of sources, purposes, and third-party disclosures.

You may also have the right, where applicable, to limit the use or disclosure of certain sensitive personal information if the relevant law applies and the platform engages in such use in a covered manner. We will not unlawfully discriminate against you for exercising applicable privacy rights.

GDPR-Style and Similar Rights

Depending on your location and applicable law, you may have rights relating to access, correction, deletion, portability, restriction, objection, withdrawal of consent where processing is based on consent, and the ability to lodge a complaint with an applicable supervisory authority.

These rights are subject to verification, legal limitations, exemptions, recordkeeping obligations, security considerations, and other conditions permitted by law. We may request information reasonably necessary to verify your identity and authority before acting on a privacy request.

International Transfers

Your information may be processed, stored, or accessed in jurisdictions other than the jurisdiction in which you reside. Those jurisdictions may have privacy or data protection laws that differ from the laws of your jurisdiction.

Where required by law, we will use appropriate safeguards for cross-border transfers of personal information. By using the platform, you acknowledge that your information may be transferred to, processed in, and stored in locations where we or our service providers operate, subject to applicable law.

Children’s Privacy

The platform is not directed to children and is not intended for use by individuals under the age of 18 unless expressly authorized under a lawful account structure and applicable law. We do not knowingly collect personal information directly from children in a manner prohibited by law. If you believe information has been provided to us by or about a child in violation of applicable law, contact us using the privacy contact information designated by the platform.

Changes to This Privacy Policy

We may modify this Privacy Policy at any time. Updated versions become effective when posted, delivered, or otherwise made available through the platform or by other legally sufficient notice. Your continued use of the platform following an update constitutes acknowledgment of the revised Privacy Policy to the extent permitted by law.

Contact Information

If you have questions about this Privacy Policy, privacy practices, or a privacy request, you should contact the platform using the designated privacy contact method published by the platform.

System Privacy State

Source: platform session state

Consent Action

By confirming below, you acknowledge and agree to the Privacy Policy and the platform’s data handling practices, including collection, storage, processing, and usage of information, and you agree to all identified legal documents, including Terms, Privacy, Risk, Consent, Scope, and Disclosure.

Consent required before access.