Privacy Policy
Last updated May 22, 2026
Who we are
Worthwise is a product operated by Buildware ("Buildware," "we," "us," or "our"). Buildware is the data controller for purposes of this Privacy Policy.
Contact: help@worthwise.money
Information we collect
We collect the following categories of information:
Information you provide
- Phone number (in E.164 format)
- Payment method details (handled by Stripe; we do not store card numbers)
- Messages you send to Worthwise
- Settings you configure (cadence, day, time, timezone)
Information from your linked accounts (via Plaid)
- Account names, types, and institutions
- Account balances and balance history
- Account identifiers from your financial institutions
We do not request or store transaction-level data unless explicitly required for a feature you opt into. We do not collect your Social Security number, full account numbers, or login credentials for your financial accounts (those stay with Plaid).
Information you add manually
If you add accounts manually (for institutions Plaid can't reach) or use the AI screenshot import, we store the account name, type, balance, and any holdings you enter (ticker symbols, share counts, and prices). Screenshots and pasted text you upload to the AI importer are sent to Anthropic for one-time extraction and are not retained by Worthwise after the proposal is generated.
Information collected automatically
- IP address and user-agent for web sessions
- Authentication metadata from Twilio Verify (sign-in codes)
- Operational logs (rate limits, error traces)
How we use your information
We use your information to:
- Provide net worth summaries and answer your questions about your accounts
- Send scheduled SMS, RCS, or iMessage updates
- Process subscription payments via Stripe
- Communicate with you about service changes, security, or support
- Comply with legal obligations
- Detect and prevent fraud, abuse, or unauthorized access
We do not sell your information. We do not share your information with third parties for their advertising or marketing.
Sharing with third parties
We share information with the following providers strictly to operate Worthwise:
| Provider | Purpose | Information shared |
|---|---|---|
| Plaid | Read-only bank account linking and balance refresh | Phone number, encrypted account access tokens |
| Stripe | Subscription payment processing | Email, payment method, subscription status |
| Twilio Verify | One-time-passcode SMS at sign-in | Phone number, OTP |
| Sendblue | iMessage / SMS delivery — scheduled updates and conversational replies | Phone number, message content |
| Anthropic (Claude) | AI-powered conversational responses and extraction of accounts from uploaded screenshots | Aggregate financial context (balances, account names, deltas). For AI import: the screenshot or text you upload, sent for one-time extraction. Subject to a data-processing agreement; Anthropic does not retain or train on this data. |
| Twelve Data | Stock, ETF, and mutual-fund price data for manually-added investment holdings | Ticker symbols only. No user identity, account information, or balances are sent. Refresh runs once daily and on user-initiated ticker searches. |
| Convex | Database and scheduled jobs | All operational data |
| Vercel | Web hosting | Standard hosting telemetry (IP, request paths) |
We do not send raw transaction-level data, full account numbers, or login credentials to Anthropic or any AI provider.
AI processing of your financial data
Worthwise uses Anthropic's Claude API to generate conversational responses about your accounts. We send aggregate context (current net worth, recent snapshots, account names and types, period-over-period changes), not raw transactions or full account numbers. Per our data-processing agreement with Anthropic, this data is not retained by Anthropic and is not used to train any AI model.
Data retention
- Account and balance data: retained while your account is active.
- Conversation history: retained for up to 24 months, then purged.
- Payment records: retained as required by tax and accounting laws (typically 7 years).
- Internal audit logs of administrative access to your data: retained for 7 years.
When you delete your account, we revoke Plaid access tokens, cancel your Stripe subscription, and purge your data from our systems within 30 days, except where retention is legally required.
Your rights
Subject to applicable law (CCPA / CPRA in California, similar regimes in other states), you have the right to:
- Access your data — request a JSON export of everything we hold on you
- Delete your data — email help@worthwise.money
- Correct inaccurate data
- Opt out of communications by replying STOP
- Pause updates without deleting your account
To exercise these rights, contact help@worthwise.money.
Security
We protect your data with:
- Application-layer AES-GCM 256-bit encryption of Plaid access tokens at rest, on top of platform-level encryption at rest
- TLS 1.2+ for all data in transit
- Audit logging of internal access to user data
- Mandatory two-factor authentication on all admin consoles
- Annual security reviews and least-privilege access controls
No system is perfectly secure. If we detect a breach affecting your data, we will notify you within 72 hours.
Children's privacy
Worthwise is not intended for users under 18, and we do not knowingly collect data from anyone under 18.
Changes to this policy
We may update this Privacy Policy. We will notify you of material changes by SMS or in-app notice. Continued use of Worthwise constitutes acceptance of the updated policy.
Contact
Privacy questions or rights requests: help@worthwise.money
Questions? help@worthwise.money