AdvisorOS ("we," "our," or "us") respects your privacy and is committed to protecting it through our compliance with this policy. This Privacy Policy describes the types of information we may collect from you or that you may provide when you use the AdvisorOS platform, website, and services (collectively, the "Service"), and our practices for collecting, using, maintaining, protecting, and disclosing that information.
This policy is designed to align with the regulatory requirements of Registered Investment Advisers (RIAs), including considerations for SEC Regulation S-P regarding the privacy of consumer financial information.
1. Information We Collect
We collect several types of information from and about users of our Service:
A. Information You Provide to Us (Advisor Data)
- Account Information: Name, email address, firm name, phone number, and billing information (processed securely via Stripe; we do not store full credit card numbers).
- Integration Data: API keys or OAuth tokens used to connect AdvisorOS to your third-party CRM systems (e.g., Salesforce, Redtail, Wealthbox).
B. Information You Upload (Client Data)
As a core function of the Service, you will upload data pertaining to your clients, which may include:
- Audio/Video Recordings: Recordings of client meetings.
- Transcripts: Text transcripts of client meetings.
- Client PII: Names, financial goals, portfolio details, and other Personally Identifiable Information (PII) discussed during meetings.
Important Distinction: You are the "Data Controller" of your Client Data. AdvisorOS acts strictly as a "Data Processor." You are responsible for ensuring you have the necessary consents from your clients to process their data through our Service.
C. Information We Collect Automatically
- Usage Details: Details of your access to and use of the Service, including traffic data, logs, and other communication data.
- Device Information: Information about your computer and internet connection, including your IP address, operating system, and browser type.
2. How We Use Your Information
We use the information we collect about you or that you provide to us:
- To present our Service and its contents to you.
- To provide the core AI functionalities (generating meeting notes, tasks, and emails).
- To process payments and manage your subscription.
- To provide customer support and respond to inquiries.
- To maintain the immutable audit logs required for your compliance records.
- To fulfill any other purpose for which you provide it.
AI Training Exclusivity
We do not use your Client Data (recordings, transcripts, or generated notes) to train, fine-tune, or improve our foundational AI models. We utilize enterprise-grade API endpoints from our LLM providers (such as OpenAI or Anthropic). Under our agreements with these providers, your data is strictly used for inference (generating the output) and is not retained by the LLM providers for model training.
3. Disclosure of Your Information
We do not sell, rent, or trade your personal information or your Client Data. We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
We may disclose personal information that we collect or you provide as described in this privacy policy:
- To Service Providers: To contractors, service providers, and other third parties we use to support our business (e.g., cloud hosting via AWS/Google Cloud, payment processing via Stripe, LLM inference via OpenAI/Anthropic). All such third parties are bound by strict confidentiality and data processing agreements.
- For Legal Compliance: To comply with any court order, law, or legal process, including responding to any government or regulatory request (such as an SEC or FINRA examination request directed at your firm).
- Business Transfers: To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of AdvisorOS's assets.
4. Data Security and Retention
We have implemented measures designed to secure your personal information and Client Data from accidental loss and from unauthorized access, use, alteration, and disclosure.
- Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
- Access Controls: Strict role-based access controls and multi-factor authentication are enforced for all AdvisorOS personnel.
- Retention: We retain your account data and audit logs for as long as your account is active, to assist with your SEC Rule 204-2 recordkeeping requirements. If you cancel your account, you may request the deletion of your Client Data. Note that certain audit logs may be retained if required by law or to resolve disputes.
5. Your Rights and Choices
- Access and Correction: You can review and change your personal information by logging into the Service and visiting your account profile page.
- Data Deletion: You may request the deletion of your account and associated data by contacting support.
- CRM Syncing: You have full control over what data is synced to your external CRM. No data is pushed to your CRM without your explicit approval within the AdvisorOS interface.
6. Changes to Our Privacy Policy
It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' personal information, we will notify you by email to the email address specified in your account and/or through a notice on the Service platform.
7. Contact Information
To ask questions or comment about this privacy policy and our privacy practices, contact us at:
Email: admin@vividjourney.com