wealth.com has been recognized as a Great Place To Work!

You can trust your information is safe.

Wealth.com uses administrative, operational and technical security processes to protect our users’ personal and sensitive information. Our commitments to user entities are documented and communicated in Service Level Agreements (SLAs), customer agreements and the online service offering description.

  • We confirm it’s really you

    We confirm it’s really you

    A multi-factor authentication system makes the sign-in process easy and secure.

  • Our encryption is top level

    Our encryption is top level

    Wealth’s platform uses https protocol, which means that any Personal Information entered into the platform is encrypted. While many sites use https, encrypted at 64 or 128-bits, Wealth is protected by 256-bit encryption—equivalent to the encryption used by banks and most financial institutions.

  • We do our due diligence

    We do our due diligence

    SOC 2 is an auditing standard maintained by the American Institute of Certified Public Accountants (AICPA) to test an organization’s internal controls or information security and privacy. Our SOC 2 compliance means that Wealth is audited against five Trust Services Criteria yearly, comprising security, availability, confidentiality, privacy and processing integrity.

  • We never sell your data

    We never sell your data

    Privacy is our priority. We’re here to help you achieve financial wellness, not sell your data.

Compliance Certifications and Memberships

Wealth.com uses best practices and industry standards to achieve compliance with industry-accepted general security and privacy frameworks, which helps our customers meet their own compliance standards.

Security

We have undergone a Service Organization Control 2 (SOC 2) Type 2 audit, resulting in an independent CPA’s report and certification. This certification goes beyond the requirements of the SOC Type 1 certification that most cloud-based service providers use to safeguard customer data. This certification demonstrates our commitment to security, confirms that we have established strict information security policies and procedures, and ensures that we provide independent third-party verification that our operations meet or exceed defined controls for the security of your data.


Cloud Security

Wealth uses multiple technologies to prevent unauthorized access or compromise of Wealth’s resources, including logical and physical controls to segment data, systems and networks. Wealth restricts access between networks using security groups and network access control lists.

Access Control

Access to Wealth’s environments is controlled and monitored and requires two-factor authentication. System access is granted on a “least privilege” principle only after a documented business process requiring management approval.

Data Encryption

Wealth uses industry-standard SSL/TLS 1.2+ encryption for data in transit. Data is also encrypted at rest using Advanced Encryption Standard (AES) 256-bit encryption.

Change and Vendor Management

Wealth follows a strict change and vendor management process. Changes are reviewed and tested, including security and code reviews. Vendors undergo a detailed security due diligence assessment before onboarding.

Logging and Monitoring

Wealth continuously monitors its application, security and network. Logs are reviewed for possible security findings and performance issues.

Corporate Security

Wealth has implemented an information security program, including security policies that need to be reviewed for every employee and an annual information security awareness training program.

Personnel Security

Wealth employees must undergo a background check process before hiring and are subject to written confidentiality agreements.

Data Privacy

It’s imperative to us that your private information stays private.


Storage in the US

Wealth is a US company, and your data never leaves the country.

We don’t sell your information

Your information is your own. Wealth doesn’t sell your information or any information uploaded to our platform.

Access Control

Wealth’s employees don’t have access to your personal information. Access to data requires a business justification and approval by a manager.

Compliance

Our agreements and policies provide our subscribers transparency and detailed information about wealth.com’s Services, which in turn support our subscribers in meeting their own legal and compliance standards.


SOC2 Type II Certification

SOC2 is a set of compliance requirements and processes targeted for third-party service providers. It was developed to help companies determine whether their vendors can securely manage data and protect the interests and privacy of their clients. Wealth is proudly a SOC2 Type 2 certified company, and we go beyond the regular Security SOC2 requirements, including Availability, Integrity, Confidentiality and Privacy requirements.

Visit Our Trust Center

Trust Center