Last Updated: December 27, 2024

At Briefly, we understand that trust is the foundation of the financial advisory relationship. This Privacy Policy describes how Briefly Wealth, LLC (doing business as "Briefly," "we," "us," or "our") collects, uses, stores, shares, and protects your information when you use our AI-powered client meeting preparation platform and related services. Our platform is built to empower financial advisors and RIAs with AI-driven insights while maintaining the highest standards of data privacy and security.

1. Scope of This Privacy Policy

This Privacy Policy describes how Briefly Wealth, LLC (doing business as "Briefly," "Company," "we," "us," or "our") collects, uses, and shares Personal Information when you use our AI-powered client meeting preparation platform and related services (the "Services"), accessible via our website at https://brieflywealth.com or any other sites or applications that link to this Privacy Policy.

We are committed to protecting your privacy and handling your data in compliance with applicable laws, including but not limited to:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA)
• Gramm-Leach-Bliley Act (GLBA)
• Illinois Personal Information Protection Act (PIPA)
• Illinois Biometric Information Privacy Act (BIPA)
• Other applicable state and federal data protection regulations

This Privacy Policy applies to:

• Visitors to our websites
• Financial advisors, registered investment advisors (RIAs), and wealth management professionals who use our Services
• Information about end clients that our customers upload to our platform in connection with the Services

By using our Services, you agree to the practices described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our websites, access our Services, or provide us with your Personal Information.

2. Information We Collect

We collect information that you provide directly, information generated through your use of the Services, and information from third parties. This may include personal information (data that identifies or relates to an individual) and sensitive personal information, particularly given our focus on financial advisory tools.

Account and Profile Information

When you create an account or use our Services, we collect:

• Name, email address, and phone number
• Firm name, job title, and business address
• Professional credentials and certifications (e.g., CFA, CFP, Series licenses)
• Username and password

Payment Information

If you subscribe to paid features, we collect billing details such as credit card numbers, billing address, and payment history. Payment information is processed through secure third-party providers (e.g., Stripe) and is not stored directly on our servers.

Uploaded Content and Client Data

Financial advisors upload client documents to our platform, which may contain sensitive client data including:

• Client names and contact information
• Account numbers and custodial information
• Portfolio holdings, allocations, and asset details
• Cash flows, transactions, and performance data
• Financial statements, tax returns, and estate documents
• Insurance policies and annuity contracts
• Investment objectives, risk tolerance, and financial goals
• Meeting notes and client communication history

Usage and Device Information

We automatically collect information about how you interact with our Services:

• Automatically Collected Data: IP address, browser type, device type, operating system, access times, pages viewed, and interactions with the Services
• Session Information: Duration, timestamps, frequency of use, features accessed, and navigation paths
• Error Logs: Technical errors and performance data to improve our Services

AI-Processed Data

Our AI engine processes uploaded documents to generate derived insights, including:

• Portfolio trends and analysis
• Risk indicators and allocation insights
• Meeting talking points and preparation briefs
• Performance attributions and summaries
• Action items and follow-up recommendations

Communication Data

Information from emails, support tickets, chat interactions, or other communications with us.

Sensitive Personal Information

As a platform handling financial data, we may process sensitive categories including financial account information, Social Security numbers (if included in uploaded documents), tax identification numbers, and precise geolocation (if provided). We only collect and process sensitive personal information when strictly necessary to provide our Services.

Information We Do Not Collect

We do not intentionally collect information about race, ethnicity, health conditions, religious beliefs, or other prohibited sensitive categories unless such information is incidentally included in documents uploaded by our customers.

3. How We Collect Information

Directly from You

Through account registration, document uploads, form submissions, subscription purchases, and communications with our team.

Automatically

Via cookies, web beacons, pixels, and similar technologies when you visit our websites or use our Services.

From Third Parties

We may receive information from:

• Payment processors (e.g., Stripe) for billing verification
• Analytics providers (e.g., Google Analytics) for usage insights
• CRM and technology integrations you authorize (e.g., Salesforce, Redtail, Wealthbox)
• Cloud infrastructure providers (e.g., AWS) for document processing
• Identity verification services

Through AI Processing

Our AI engine uses natural language processing and machine learning to analyze uploaded documents, extracting and synthesizing data to generate insights, briefs, and meeting preparation materials. This processing occurs automatically without manual intervention.

4. How We Use Your Information

We use your information to provide, improve, and secure our Services. We process data based on the following legal grounds:

• Contractual Necessity: To deliver the Services you have requested
• Legitimate Interests: For security, fraud prevention, and service improvement
• Consent: Where you have provided explicit consent (e.g., marketing communications)
• Legal Obligation: To comply with applicable laws and regulations

Providing the Services

• Process uploaded documents with AI to generate briefs, insights, performance attributions, and meeting preparations
• Organize portfolio and activity information for easy reference
• Provide meeting preparation tools and client intelligence dashboards
• Enable search and retrieval of client information

Account Management

• Create and manage user accounts
• Authenticate access and maintain account security
• Provide customer support and respond to inquiries

Billing and Payments

• Process subscriptions and transactions
• Manage billing records and payment history
• Send invoices and payment confirmations

Improvement and Analytics

• Analyze usage patterns to enhance AI accuracy and features
• Improve user experience and platform performance
• Conduct research and development for new features

Communications

• Send service updates, security alerts, and important notices
• Provide marketing materials (with your consent where required)
• Respond to inquiries and support requests

Compliance and Security

• Detect and prevent fraud, security threats, and unauthorized access
• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Service and other agreements

5. AI Processing and Model Training

Briefly uses artificial intelligence, including large language models (LLMs), to analyze documents and generate insights for meeting preparation. This section explains how we handle your data in this process.

How Document Analysis Works

When you upload documents to Briefly, our system processes them through multiple stages:

1. Document Ingestion: Documents are securely uploaded and stored in encrypted form
2. Data Extraction: Our AI extracts relevant information such as financial data, client details, portfolio holdings, and key facts
3. Intelligence Generation: Extracted data is synthesized to create meeting briefs, action items, performance summaries, and relationship insights
4. Storage and Retrieval: Processed information is stored in association with your account for future reference

Third-Party AI Model Providers

We utilize third-party AI model providers to power certain features of our Service. When your data is processed by these providers:

• No Training on Your Data: We have contractual commitments from our AI model providers that they will not use your data to train their models
• Secure Transmission: All data is transmitted using industry-standard encryption (TLS 1.3)
• Data Minimization: We implement techniques to minimize the amount of data sent to third-party providers
• Secure Processing Environments: AI processing occurs in secure environments to prevent unauthorized access to uploaded financial documents

AI-Generated Outputs

AI-generated outputs derived from Client Data (such as meeting briefs, insights, and summaries) are treated as Client Data for purposes of data ownership and protection. You retain all rights to these generated outputs.

6. How We Share Your Information

We do not sell your personal information. We may share information in the following limited circumstances:

Service Providers

We share information with vendors who assist in providing our Services, including:

• Cloud Hosting: Infrastructure providers (e.g., AWS) for secure data storage and processing
• Payment Processing: Payment providers (e.g., Stripe) for subscription billing
• Analytics: Analytics providers (e.g., Google Analytics) for usage insights
• AI Processing: AI model providers for document analysis
• Customer Support: Support platforms for ticket management

All service providers are bound by data processing agreements to protect your data and use it only for the purposes for which it was disclosed.

Affiliates and Business Partners

We may share information within our corporate group or with partners for integrated features, under similar privacy protections.

Integrations and Connected Services

When you connect Briefly to third-party services (such as CRMs, custodial platforms, or email providers), we share information as necessary to enable those integrations. Your use of such integrations is subject to the privacy policies of those third-party services.

Legal Requirements

We may disclose your information if required by law, subpoena, or government request, or to:

• Comply with legal obligations or respond to lawful requests
• Protect rights, safety, or property of Briefly, our users, or others
• Investigate fraud, security incidents, or potential violations
• Enforce our Terms of Service and other agreements

Business Transfers

If Briefly is involved in a merger, acquisition, reorganization, or sale of assets, your Personal Information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

With Your Consent

For any other purpose that you approve.

7. Data Ownership

This section clarifies the ownership of data processed through our Services:

• Customer Ownership: You (our customer) retain all right, title, and interest in Client Data that you upload to our platform
• No Transfer of Rights: Briefly acquires no ownership rights in Client Data
• AI-Generated Outputs: AI-generated outputs derived from Client Data (such as meeting briefs and insights) are treated as Client Data for purposes of ownership and are owned by you
• Aggregated Data: We may create aggregated, anonymized, or de-identified data from Client Data for research, analytics, and service improvement purposes

8. Data Security

We implement enterprise-grade administrative, technical, and organizational safeguards to protect your data:

Data Isolation

Client data is logically siloed within our infrastructure to ensure that one advisor's data is never accessible to another. Each customer's uploaded documents and generated insights are isolated within secure, separate environments. This multi-tenant architecture ensures complete separation of client data across our platform.

Technical Safeguards

• Encryption: All data is encrypted in transit (SSL/TLS) and at rest (AES-256)
• Access Controls: Role-based access controls and least-privilege access principles
• Network Security: Firewalls, intrusion detection systems, and DDoS protection
• Secure Infrastructure: Cloud infrastructure with SOC 2 compliance
• Monitoring: Continuous monitoring and logging of system activity

Organizational Safeguards

• Personnel Security: Employees with access to data are bound by confidentiality obligations that survive termination of employment
• Least-Privilege Access: Briefly employees only access Client Data when absolutely necessary for technical support, and all access is logged and audited
• Limited Access: Access to Client Data is restricted to personnel with a legitimate, documented need to know
• Security Training: Regular security awareness training for all team members
• Background Checks: Screening for employees with access to sensitive financial data
• Security Audits: Regular security audits, penetration testing, and vulnerability assessments

AI Processing Security

• Secure AI processing environments to prevent unauthorized access to uploaded financial documents
• Compliance with industry standards for financial data handling

While we strive for robust protection, no system is completely secure. We will notify you of any data breaches as required by law. You are responsible for maintaining the confidentiality of your account credentials.

9. Data Retention

We retain personal information only as long as necessary for the purposes outlined in this Privacy Policy, your account activity, or legal requirements.

Data Type	Retention Period
Account Information	Duration of account plus 7 years for legal/regulatory compliance
Uploaded Documents	Retained while account is active; deleted upon request or account closure
Generated Briefs and Insights	Retained while account is active; deleted upon request or account closure
Backup Copies	Up to 90 days after deletion request
Usage and Analytics Data	24 months in identifiable form; aggregated data may be retained longer
Billing Records	7 years for tax and legal compliance
Support Communications	3 years from resolution

Upon termination of your account or upon your deletion request, we will delete or anonymize your data within 90 days, except where retention is required for legal compliance, fraud prevention, or dispute resolution.

10. Your Privacy Rights

Depending on your location, you may have the following rights regarding your Personal Information:

• Access: Request details about the Personal Information we hold about you
• Correction: Update or correct inaccurate information
• Deletion: Request removal of your Personal Information (subject to legal exceptions)
• Portability: Receive your data in a structured, commonly used, transferable format
• Opt-Out: Of marketing communications, data sharing (if applicable), or automated processing
• Restrict Processing: Request limitation of how we process your data
• Object: Object to processing based on legitimate interests
• Non-Discrimination: We will not penalize you for exercising your privacy rights

How to Exercise Your Rights

To exercise your privacy rights, contact us at contact@brieflywealth.com. We will respond within the timeframes required by applicable law (e.g., 30 days under GDPR, 45 days under CCPA).

We may need to verify your identity before processing certain requests. If you are making a request on behalf of another person, we may require authorization documentation.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes:

• We will update the "Last Updated" date at the top of this Policy
• For significant changes, we will notify you via email and/or by posting a prominent notice on our Services
• Where required by law, we will obtain your consent to material changes

We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes indicates your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact us:

We are committed to resolving any privacy concerns you may have. If you are not satisfied with our response, you may have the right to lodge a complaint with your local data protection authority.