Privacy Policy
Last updated May 1, 2026
Who we are
Worthwise is a product operated by Buildware ("Buildware," "we," "us," or "our"). Buildware is the data controller for purposes of this Privacy Policy.
Contact: hi@worthwise.app
Information we collect
We collect the following categories of information:
Information you provide
- Phone number (in E.164 format)
- Payment method details (handled by Stripe; we do not store card numbers)
- Messages you send to Worthwise
- Settings you configure (cadence, day, time, timezone)
Information from your linked accounts (via Plaid)
- Account names, types, and institutions
- Account balances and balance history
- Account identifiers from your financial institutions
We do not request or store transaction-level data unless explicitly required for a feature you opt into. We do not collect your Social Security number, full account numbers, or login credentials for your financial accounts (those stay with Plaid).
Information collected automatically
- IP address and user-agent for web sessions
- Authentication metadata from Twilio Verify (sign-in codes)
- Operational logs (rate limits, error traces)
How we use your information
We use your information to:
- Provide net worth summaries and answer your questions about your accounts
- Send scheduled SMS, RCS, or iMessage updates
- Process subscription payments via Stripe
- Communicate with you about service changes, security, or support
- Comply with legal obligations
- Detect and prevent fraud, abuse, or unauthorized access
We do not sell your information. We do not share your information with third parties for their advertising or marketing.
Sharing with third parties
We share information with the following providers strictly to operate Worthwise:
| Provider | Purpose | Information shared |
|---|---|---|
| Plaid | Read-only bank account linking and balance refresh | Phone number, encrypted account access tokens |
| Stripe | Subscription payment processing | Email, payment method, subscription status |
| Twilio Verify | One-time-passcode SMS at sign-in | Phone number, OTP |
| Sendblue | iMessage / SMS delivery — scheduled updates and conversational replies | Phone number, message content |
| Anthropic (Claude) | AI-powered conversational responses | Aggregate financial context (balances, account names, deltas). Subject to a data-processing agreement; Anthropic does not retain or train on this data. |
| Convex | Database and scheduled jobs | All operational data |
| Vercel | Web hosting | Standard hosting telemetry (IP, request paths) |
| Sentry, Axiom | Error tracking and observability | Redacted operational logs (no raw account data) |
We do not send raw transaction-level data, full account numbers, Social Security numbers, or login credentials to Anthropic or any AI provider.
AI processing of your financial data
Worthwise uses Anthropic's Claude API to generate conversational responses about your accounts. We send aggregate context (current net worth, recent snapshots, account names and types, period-over-period changes) — not raw transactions or full account numbers. Per our data-processing agreement with Anthropic, this data is not retained by Anthropic and is not used to train any AI model.
Data retention
- Account and balance data: retained while your account is active.
- Conversation history: retained for 30 days, then redacted to aggregates.
- Payment records: retained as required by tax and accounting laws (typically 7 years).
- Audit logs: retained for 1 year.
When you delete your account, we revoke Plaid access tokens, cancel your Stripe subscription, and purge your data from our systems within 30 days, except where retention is legally required.
Your rights
Subject to applicable law (CCPA / CPRA in California, similar regimes in other states), you have the right to:
- Access your data — request a JSON export of everything we hold on you
- Delete your data — text DELETE, use the in-app delete button, or email us
- Correct inaccurate data
- Opt out of communications by replying STOP
- Pause updates without deleting your account
To exercise these rights, contact hi@worthwise.app or use the settings page in /app.
Security
We protect your data with:
- Encryption of Plaid access tokens at rest (libsodium)
- TLS for all data in transit
- Audit logging of internal access to user data
- Mandatory two-factor authentication on all admin consoles
- Quarterly security reviews and least-privilege access controls
No system is perfectly secure. If we detect a breach affecting your data, we will notify you within 72 hours.
Children's privacy
Worthwise is not intended for users under 18. We do not knowingly collect data from children under 13.
Changes to this policy
We may update this Privacy Policy. We will notify you of material changes by SMS or in-app notice. Continued use of Worthwise constitutes acceptance of the updated policy.
Contact
Privacy questions or rights requests: hi@worthwise.app
Buildware
[Address — TBD]
Questions? hi@worthwise.app