Back to Home

Privacy Policy

Effective Date: 01.02.2026

Version: 2.1 (WealthOpti Public Beta)

Swiss Data Hosting

All encrypted data blobs are stored physically in Zurich, Switzerland.

Zero-Knowledge Architecture

We cannot read your financial data. It is encrypted on your device before saving.

No Hidden Tracking

We do not sell data. We do not use advertising pixels.

User Sovereignty

Delete your account anytime. Data is wiped instantly.

1. Introduction

WealthOpti ("we", "our", "us") is a comprehensive Swiss wealth simulation, retirement planning, and tax optimization platform. We operate with a "Privacy-First" philosophy that exceeds standard regulatory requirements.

This Privacy Policy outlines how we handle data in compliance with the Swiss Federal Act on Data Protection (revFADP) and, where applicable, the General Data Protection Regulation (GDPR).

By using WealthOpti, you acknowledge that our unique Client-Side Encryption architecture means we technically cannot access or view your detailed financial simulation data.

2. The Data We Process (And What We Can't See)

Unlike traditional financial apps, we distinguish between "Account Data" (which we manage) and "Simulation Data" (which only you control).

2.1. Account Data (Visible to Us)

To manage your subscription and login.

  • Identity: Email address.
  • Security: Hashed passwords and authentication tokens.
  • Subscription: Payment status and plan type (processed by our payment provider; we do not store credit card numbers).

2.2. Simulation Data (End-to-End Encrypted - Invisible to Us)

To run your financial projections.

Important: This data is encrypted locally on your device using your unique key before it is synced to our servers. WealthOpti employees and engineers cannot decrypt or view this data.

  • Income: Salary, bonus, and household income.
  • Pension: Pillar 2 (BVG) capital, buy-in potential, and projections.
  • Assets: Pillar 3a balances, cash savings, private investments, and real estate values.
  • Personal Context: Date of birth, canton of residence, marital status, and children (used strictly for tax logic).

2.3. Technical Metadata

  • IP address (for security logging).
  • Browser type and Operating System.
  • Anonymized usage statistics (e.g., "Feature A was used 50 times") without linking to specific financial values.

3. How We Use Your Information

We use the limited data we can access solely to:

  1. Maintain Service: Ensure the application runs and syncs your encrypted data across your devices.
  2. Security: Detect and prevent fraudulent access attempts.
  3. Communication: Send critical service updates (e.g., "Subscription renewing," "New Tax Logic deployed").

We do NOT:

  • Analyze your wealth profile for marketing.
  • Sell your financial data to banks or insurers.
  • Train public AI models on your identifiable financial data.

4. Data Storage & Security Architecture

4.1. Swiss Hosting

All data—both Account Data and Encrypted Simulation Data—is stored exclusively on servers located physically within Switzerland.

  • Primary Infrastructure: Supabase, hosted on the AWS Zurich Region (eu-central-2).
  • Jurisdiction: Data remains strictly under Swiss legal jurisdiction.

4.2. The Security Stack

  • Client-Side Encryption: Your financial data is encrypted using AES-256-GCM on your device. The decryption key is derived from your password and never stored on our servers.
  • Transport Security: All connections use TLS 1.3 (Transport Layer Security).
  • Database Security: Our databases are encrypted at rest. Even if our database were compromised, the attacker would only see unreadable encrypted blobs for your financial data.

5. Data Sharing & Third Parties

We strictly limit data sharing to infrastructure providers necessary to run the service.

Provider RolePurposeData Shared
Supabase (AWS Zurich)Secure Database & AuthEncrypted Data Blobs (Unreadable)
Payment ProcessorSubscription billingEmail, Payment Method (Direct input)
Email ServiceTransactional emailsEmail Address

We never share data with advertisers, data brokers, or financial institutions.

6. Your Rights (revFADP & GDPR)

Under the revised Swiss Federal Act on Data Protection, you have the following rights:

  • Right to Access: You can export your data anytime via the "Settings" panel. Note: Since your data is encrypted, we can only provide the encrypted file. You must use your password to decrypt it.
  • Right to Rectification: You can edit any data point directly in the dashboard.
  • Right to Erasure (The "Kill Switch"): You can delete your account in Settings. This action destroys your encryption key and deletes your data blob. This is irreversible. Once deleted, even we cannot recover your data.
  • Right to Anonymity: You may use the service with a pseudonym, provided the email address is valid for verification.

7. Cookies & Tracking

  • Essential Cookies: Used strictly for keeping you logged in (Session Tokens).
  • No Ad Tracking: We do not use Google Analytics, Facebook Pixels, or third-party advertising cookies.

8. International Transfers

Your data resides in Switzerland. In the rare event a technical sub-processor (e.g., email delivery) is located outside Switzerland/EEA, we ensure compliance via standard contractual clauses (SCCs) recognized by the Swiss FDPIC.

9. Changes to This Policy

We may update this policy to reflect changes in Swiss law or our technical architecture. Significant changes will be communicated via email 30 days prior to taking effect.

10. Contact & Data Protection Officer

WealthOpti (a service of Shreevya GmbH)

[Street Address]
[Zip Code] Aargau
Switzerland

Privacy Inquiries:
support@wealthopti.ch

Regulatory Authority:

You have the right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC):
Feldeggweg 1, CH - 3003 Berne.

View Terms of Service →