Privacy Policy

Stewardis Inc., a Delaware C-Corporation ("Stewardis," "we," "us," or "our"), is committed to protecting the privacy and security of your personal and financial information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our Wealth Intelligence Platform (the "Platform"), visit our website at stewardis.com (the "Site"), or otherwise interact with us.

By accessing or using our Platform, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Platform.

1. Information We Collect

1.1 Account & Company Information

When you register for the Platform, we collect the information you provide, including your company or firm name, country of incorporation, tax identification number (e.g., CNPJ, EIN, VAT, Company Number), business address, administrator contact name, email address, phone number, and assets under management range.

1.2 Authentication Data

We use passwordless email authentication. We collect your email address and generate temporary verification codes sent to that email. We also store session tokens, device information (user-agent), and IP addresses for security purposes.

1.3 Client Data

As a wealth advisory platform, you may input sensitive client information, including client names, contact details, financial profiles, risk assessments, investment portfolios, discovery records from client meetings, AI-generated analysis and insights, and investment policy statements (IPS).

1.4 Usage Data

We automatically collect information about how you interact with the Platform, including pages viewed, features used, timestamps, browser type, operating system, and referring URLs.

1.5 Cookies & Local Storage

We use browser local storage to maintain your authentication session and user preferences. We do not use third-party advertising cookies.

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve the Platform and its features; authenticate your identity and secure your account; process client data through our AI analysis pipeline; generate investment reports and wealth strategies; communicate with you about your account, including verification codes and service updates; comply with legal obligations and regulatory requirements; detect, prevent, and address fraud, abuse, or technical issues; and analyze usage patterns to improve user experience.

3. AI Processing & Data Analysis

Our Platform uses artificial intelligence to analyze client meeting data and generate investment insights. Client data submitted for AI processing may be sent to third-party AI providers (such as OpenAI or Anthropic) for analysis. We require these providers to maintain confidentiality and not use your data for training their models. AI-generated outputs are stored in our database and associated with your account. You retain full control over client data and may request deletion at any time.

4. How We Share Your Information

We do not sell, rent, or trade your personal information or client data. We may share information with service providers who assist in operating the Platform, including cloud hosting (AWS), email delivery (Resend), database services (PostgreSQL), and AI processing providers, subject to confidentiality obligations. We may also disclose information if required by law, court order, subpoena, or governmental request; to protect the rights, property, or safety of Stewardis, our users, or others; or in connection with a merger, acquisition, or sale of assets, with appropriate notice.

5. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit via TLS/SSL, rate limiting on authentication and API endpoints, JWT-based session management with expiration, database-level access controls and data isolation per advisor, and security headers (HSTS, X-Frame-Options, X-Content-Type-Options). While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your account and company information for as long as your account is active or as needed to provide you services. Client data (discovery records, reports, insights) is retained until you request deletion or terminate your account. Verification codes expire after 10 minutes and are marked as used. Session data is retained for security auditing purposes. Upon account termination, we will delete or anonymize your data within 90 days, except where retention is required by law.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal information; request a copy of your data in a portable format; restrict or object to certain processing activities; withdraw consent where processing is based on consent; and lodge a complaint with a data protection authority. To exercise any of these rights, contact us at [email protected].

8. International Data Transfers

Our servers are located in the United States (AWS). If you are accessing the Platform from outside the United States, your information will be transferred to and processed in the United States. We take steps to ensure that international transfers comply with applicable data protection laws, including implementing appropriate safeguards such as standard contractual clauses where required.

9. Financial Data Compliance

As a platform serving wealth advisors, we are committed to maintaining the highest standards of financial data protection. We maintain strict data isolation between advisor accounts. Client financial information is never shared across accounts. We support compliance with applicable financial regulations (SEC, CVM, FCA, and others depending on jurisdiction). The Platform is a tool for licensed financial professionals and does not itself provide financial advice.

10. Children's Privacy

The Platform is designed for use by business professionals and is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Site and updating the "Effective Date" at the top. Your continued use of the Platform after any changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: