Privacy Policy
Last updated: March 16, 2026
1. Information We Collect
Account data. When you sign up we store your email address and authentication profile provided by Auth0. We do not store passwords directly.
API keys. Keys you generate are stored as hashed values. We log request counts and timestamps for rate-limiting and billing but do not log request bodies or response payloads.
Usage analytics. We collect anonymous usage metrics (page views, feature usage) to improve the product. No personally identifiable information is included in analytics events.
2. How We Use Your Data
- >Provide and maintain the WealthLit API and dashboard
- >Enforce rate limits and usage quotas
- >Send transactional emails (account confirmations, key rotation reminders)
- >Improve the service based on aggregate usage patterns
3. Third-Party Services
We use the following third-party services to operate WealthLit:
| Service | Purpose |
|---|---|
| Auth0 | Authentication and session management |
| Stripe | Payment processing (we never see full card numbers) |
| Hyperliquid | Perpetual futures data (funding rates, liquidations) |
4. Cookies
We use a session cookie to keep you signed in and a CSRF token cookie for security. We do not use advertising or tracking cookies.
5. Data Retention
Account data is retained while your account is active. API usage logs are retained for 90 days. You may request deletion of your account and associated data at any time by emailing support@wealthlit.xyz.
6. Security
All traffic is encrypted via TLS. API keys are stored using one-way hashes. Database access is restricted to internal services only. We follow least-privilege principles for all infrastructure access.
7. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via email to registered users. The “Last updated” date at the top reflects the most recent revision.
8. Contact
For privacy-related questions or data deletion requests, contact us at support@wealthlit.xyz.