Privacy Policy

When you use VestWise, we collect:

• Contact details you provide — email, phone number, full name
• Professional details — employer, job title, RSU broker
• Calculator inputs you enter — vest amounts, tax withholdings, FX rates, remittance history
• Pageview data — pages visited, time on page, referrer
• Device and network information — IP address, browser type, operating system
• Cookie-based identifiers — used only with your consent for analytics and advertising

• Lead management — to respond to you and provide the service you requested
• Product improvement — to understand which features are valuable and where users drop off
• Ad retargeting — with your consent, to show VestWise ads on Instagram, Google, and LinkedIn
• Legal compliance — to meet obligations under Indian tax law, DPDP Act, GDPR, and CCPA

We do not sell your data. We share it only with the following processors:

• Meta Platforms (Facebook, Instagram) — for ad retargeting, only with marketing consent
• Google (Ads and Analytics) — for ad retargeting and site analytics, only with relevant consent
• LinkedIn — for ad retargeting, only with marketing consent
• Firebase (Google Cloud) — for authentication, database, and file storage (infrastructure)
• Anthropic — for AI chat responses (messages only; no identity)

No data is shared with advertisers, data brokers, or third-party aggregators beyond the above.

• Active leads (no account yet): 3 years from last interaction
• Paying users: duration of subscription + 7 years for tax and financial record retention as required by Indian law
• Anonymous FX rate submissions: indefinitely, with no personal identifier
• Analytics data: 14 months (Google default) for GA4; rolling 6-month window for Meta Pixel data

As a Data Principal under the Digital Personal Data Protection Act, 2023, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate or outdated data
• Request erasure of your data (subject to legal retention obligations)
• Nominate another individual to exercise these rights on your behalf
• Grievance redressal — contact our Grievance Officer with any concerns

To exercise these rights, email privacy@vestwise.in.

If you are in the European Economic Area or the United Kingdom, you have the following rights under the GDPR and UK GDPR:

• Right of access — obtain a copy of your personal data
• Right to rectification — correct inaccurate data
• Right to erasure ("right to be forgotten") — delete your data in certain circumstances
• Right to data portability — receive your data in a structured, machine-readable format
• Right to object — to processing based on legitimate interests, including direct marketing
• Right to restrict processing — in certain circumstances

Legal basis for processing: consent (for marketing and analytics cookies), contract (for service delivery), and legitimate interest (for security and fraud prevention).

If you are a California resident, under the California Consumer Privacy Act you have the right to:

• Know what personal information we collect, use, and disclose
• Request deletion of your personal information
• Opt out of the sale or sharing of personal information (note: VestWise does not sell personal information)
• Non-discrimination — we will not treat you differently for exercising your rights

To submit a request, email privacy@vestwise.in with the subject line “CCPA Request”.

Some of our processors (Meta, Google, LinkedIn, Firebase, Anthropic) are based in the United States and process data on servers located outside India. By using VestWise, you acknowledge that your data may be transferred to and processed in countries with different data-protection standards.

We rely on standard contractual clauses and processor agreements that require these providers to protect your data consistent with the standards of the DPDP Act, GDPR, and CCPA where applicable.

We use essential cookies (required for the site to function), analytics cookies (optional), and marketing cookies (optional). You can manage your preferences at any time via the “Manage cookies” link in our footer.

For a full list of cookies we use, see our Cookie Policy.

General privacy queries: privacy@vestwise.in

Data Protection Officer / Grievance Officer: Panduranga Rao Sadhu — dpo@vestwise.in

Postal address: Wonderring Technologies Pvt Ltd, India

We will update this policy as our practices change or as required by law. When we do, we will update the “Last updated” date above. Significant changes will be notified via email to registered users.