Golden Wealth

Privacy Policy

Effective Date: April 18, 2026

Golden Wealth (“Golden Wealth,” “we,” “us,” or “our”) operates a secure estate management platform that helps families organize, protect, and share the documents, accounts, and information that matter most. This Privacy Policy explains how we collect, use, and share your personal information when you use our website and platform (collectively, the “Service”).

By creating an account or otherwise using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

A. Information You Provide Directly

  • Account information — your first name, last name, email address, and password (stored as a salted bcrypt hash; your plaintext password is never stored or transmitted after initial hashing).
  • Estate content — documents you upload (wills, deeds, insurance policies, tax records, and similar); financial account details you enter manually; contact records for attorneys, CPAs, trustees, and family members; notes; and reminders you create.
  • Will Builder responses — your answers to the step-by-step will creation questionnaire, including beneficiary designations, executor information, guardian nominations, and related personal details.
  • Member invitations — email addresses of people you invite to access your estate, and the specific permissions you grant each person.
  • Marketing quiz responses — answers, contact details, and any other information you voluntarily submit through our estate readiness quiz.
  • Support communications — messages you send to our support team.

B. Financial Account Data via Plaid

If you choose to link a bank or financial account, we use Plaid, Inc. (“Plaid”) to establish that connection. When you initiate a Plaid connection, you interact directly with Plaid’s interface and authorize Plaid to share your account data with us. Data Plaid may share with us includes: institution name, account name and type, account number (last four digits), current and available balances, and transaction history.

Your Plaid access token is encrypted at rest using AES-256-GCM encryption before being stored in our database. Plaid’s collection and use of your data is also governed by Plaid’s End User Privacy Policy.

C. Automatically Collected Information

  • Usage data — pages visited, features used, and activity timestamps, collected through Vercel Analytics.
  • Device and connection data — IP address, browser type, operating system, and referring URL.
  • Session data — JWT-based session tokens stored in secure, HttpOnly cookies.

D. Advertising and Marketing Tracking

Our marketing pages use the Meta Pixel and the Meta Conversions API to measure the effectiveness of our advertising on Meta platforms (Facebook and Instagram). This means that when you visit our public marketing pages or complete our quiz, certain event data (such as page views and form submissions) may be shared with Meta, Inc. This data may include a hashed version of your email address if you have provided one. You can learn about Meta’s data practices at Meta’s Privacy Policy. The Meta Pixel is not active within your authenticated dashboard.

2. How We Use Your Information

We use the information we collect to:

  • Create and maintain your account and estate.
  • Provide the core features of the Service, including document storage, financial account tracking, the Will Builder, and member access management.
  • Process and display linked bank account data retrieved through Plaid.
  • Authenticate your identity and maintain session security.
  • Send account-related notifications, including invitation emails and reminder alerts.
  • Maintain the Audit Log for paid accounts.
  • Improve and develop the Service through usage analytics.
  • Measure the effectiveness of our marketing campaigns (using Meta Pixel and Conversions API data).
  • Respond to support requests.
  • Detect and prevent fraud, unauthorized access, and other security incidents.
  • Comply with applicable laws and legal obligations.

3. How We Share Your Information

We do not sell your personal information. We share your information only in the limited circumstances described below.

A. Estate Members You Invite

When you invite another person to your estate, that person will be able to see the specific information and sections you grant them access to, based on the permissions you set. You are responsible for your decisions about who to invite and what access to grant. You can revoke member access at any time.

B. Service Providers and Infrastructure

We work with third-party vendors that help us operate the Service. These providers are contractually bound to use your data only as needed to perform services on our behalf:

  • Vercel — application hosting, file storage (Vercel Blob), and analytics.
  • Amazon Web Services — database hosting (Amazon Aurora DSQL).
  • Plaid, Inc. — bank account linking and financial data retrieval.
  • Meta Platforms, Inc. — advertising measurement (marketing pages only).

C. Legal Requirements

We may disclose your information if required by law, regulation, subpoena, court order, or other legal process, or if we believe disclosure is necessary to protect the rights, property, or safety of Golden Wealth, our users, or the public. Where permitted by law, we will attempt to notify you before disclosing your information in response to a legal process.

D. Business Transfers

If Golden Wealth is involved in a merger, acquisition, asset sale, or other business transfer, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or material change in how your information is used.

E. With Your Consent

We may share your information with third parties when you explicitly authorize us to do so.

4. Data Security

We implement a range of technical and organizational security measures, including:

  • Encryption at rest — sensitive data (including Plaid access tokens) is encrypted using AES-256-GCM before being stored in our database.
  • Password security — passwords are hashed using bcrypt with a unique salt. We never store or log plaintext passwords.
  • Document storage — uploaded files are stored in Vercel Blob, which is access-controlled and not publicly accessible by default. Files are served through authenticated API routes.
  • Database access — our database uses keyless authentication via AWS IAM and Vercel OIDC, eliminating long-lived database credentials.
  • Permissions enforcement — every data access request is checked against the requesting user’s permissions at the application layer.
  • Transport security — all data in transit is protected using TLS.

No security system is impenetrable, and we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately at privacy@live-golden.com.

5. Data Retention

We retain your account and estate data for as long as your account is active. If you delete your account, we will delete or de-identify your personal information within 30 days, except where we are required to retain it by law or to resolve disputes, enforce agreements, or for legitimate business purposes such as fraud prevention.

If you disconnect a linked bank account, we will delete the corresponding Plaid access token from our systems within 30 days, and we will request deletion of your data from Plaid’s systems.

Audit log records for paid accounts may be retained for up to 12 months from the date of the activity, or for the life of the account, whichever is shorter.

6. Your Rights and Choices

Access and Correction

You can access and update most of your account information directly in your account settings. For other data access or correction requests, contact us at privacy@live-golden.com.

Account Deletion

You may request deletion of your account at any time by contacting us at privacy@live-golden.com. Upon deletion, your estate content, documents, and personal data will be removed from our systems in accordance with Section 5.

Marketing Communications

You may opt out of marketing emails at any time by clicking the “Unsubscribe” link in any marketing email or by contacting us. Opting out of marketing emails does not affect transactional messages related to your account.

Advertising Opt-Out

To opt out of interest-based advertising on Meta platforms, visit your Meta Ad Preferences or use the Digital Advertising Alliance opt-out tool.

California Residents (CCPA/CPRA)

If you are a California resident, you have the right to: (a) know what categories of personal information we collect, use, and share; (b) request a copy of the specific personal information we hold about you; (c) request deletion of your personal information; (d) correct inaccurate personal information; and (e) not be discriminated against for exercising these rights. We do not sell your personal information. We do not share your personal information with third parties for cross-context behavioral advertising (outside of the Meta Pixel on marketing pages, which you may opt out of as described above). To exercise your California privacy rights, contact us at privacy@live-golden.com.

7. Children’s Privacy

The Service is intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected personal information from a minor, we will delete it promptly. If you believe we have inadvertently collected information from a minor, please contact us at privacy@live-golden.com.

8. Third-Party Links and Services

The Service may contain links to third-party websites or services (including links to attorneys, financial advisors, or other resources). This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you use.

9. International Users

Golden Wealth is operated from the United States and is intended for users located in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your country.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email and/or by posting a prominent notice on our website at least 14 days before the changes take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Golden Wealth
Email: privacy@live-golden.com