You can trust your information is safe.
Wealth.com uses administrative, operational and technical security processes to protect our users’ personal and sensitive information. Our commitments to user entities are documented and communicated in Service Level Agreements (SLAs), customer agreements and the online service offering description.
We confirm it’s really you
A multi-factor authentication system makes the sign-in process easy and secure.
Our encryption is top level
Wealth’s platform uses https protocol, which means that any Personal Information entered into the platform is encrypted. While many sites use https, encrypted at 64 or 128-bits, Wealth is protected by 256-bit encryption—equivalent to the encryption used by banks and most financial institutions.
We do our due diligence
SOC 2 is an auditing standard maintained by the American Institute of Certified Public Accountants (AICPA) to test an organization’s internal controls or information security and privacy. Our SOC 2 compliance means that Wealth is audited against five Trust Services Criteria yearly, comprising security, availability, confidentiality, privacy and processing integrity.
We never sell your data
Privacy is our priority. We’re here to help you achieve financial wellness, not sell your data.
Compliance Certifications and Memberships
Wealth.com uses best practices and industry standards to achieve compliance with industry-accepted general security and privacy frameworks, which helps our customers meet their own compliance standards.
Security
We have undergone a Service Organization Control 2 (SOC 2) Type 2 audit, resulting in an independent CPA’s report and certification. This certification goes beyond the requirements of the SOC Type 1 certification that most cloud-based service providers use to safeguard customer data. This certification demonstrates our commitment to security, confirms that we have established strict information security policies and procedures, and ensures that we provide independent third-party verification that our operations meet or exceed defined controls for the security of your data.
Wealth uses multiple technologies to prevent unauthorized access or compromise of Wealth’s resources, including logical and physical controls to segment data, systems and networks. Wealth restricts access between networks using security groups and network access control lists.
Access to Wealth’s environments is controlled and monitored and requires two-factor authentication. System access is granted on a “least privilege” principle only after a documented business process requiring management approval.
Wealth uses industry-standard SSL/TLS 1.2+ encryption for data in transit. Data is also encrypted at rest using Advanced Encryption Standard (AES) 256-bit encryption.
Wealth follows a strict change and vendor management process. Changes are reviewed and tested, including security and code reviews. Vendors undergo a detailed security due diligence assessment before onboarding.
Wealth continuously monitors its application, security and network. Logs are reviewed for possible security findings and performance issues.
Wealth has implemented an information security program, including security policies that need to be reviewed for every employee and an annual information security awareness training program.
Wealth employees must undergo a background check process before hiring and are subject to written confidentiality agreements.
Data Privacy
It’s imperative to us that your private information stays private.
Wealth is a US company, and your data never leaves the country.
Your information is your own. Wealth doesn’t sell your information or any information uploaded to our platform.
Wealth’s employees don’t have access to your personal information. Access to data requires a business justification and approval by a manager.
Compliance
Our agreements and policies provide our subscribers transparency and detailed information about wealth.com’s Services, which in turn support our subscribers in meeting their own legal and compliance standards.
SOC2 is a set of compliance requirements and processes targeted for third-party service providers. It was developed to help companies determine whether their vendors can securely manage data and protect the interests and privacy of their clients. Wealth is proudly a SOC2 Type 2 certified company, and we go beyond the regular Security SOC2 requirements, including Availability, Integrity, Confidentiality and Privacy requirements.