Privacy Policy

This Privacy Policy explains how WM-Agent ("we", "us", or "our") collects, uses, discloses, and stores personal information when you use our websites, applications, and related services.

For US and California users, this policy is intended to function as a notice at collection and a CCPA/CPRA rights notice.

At or before collection, we provide this notice describing:

• Categories of personal information collected.
• Business and commercial purposes for use.
• Categories of recipients and service providers.
• Retention periods or retention criteria.
• How to exercise California privacy rights.

Depending on how you use WM-Agent, we may collect:

• Identifiers: email address, account IDs, tenant IDs, device/session identifiers.
• Authentication and security data: sign-in attempt logs, session activity, anti-abuse/rate-limit metadata, audit trails.
• Profile preferences: country/state, timezone, base currency, investment experience, risk tolerance, time horizon, liquidity needs, goals, and communication preferences.
• Product usage data: interactions with features, page events, operational diagnostics.
• Legal/compliance records: policy and terms acceptance versions, acceptance timestamps, and request tickets.

In current product workflows, we do not request or require Social Security numbers, government ID numbers, full bank account numbers, or raw brokerage credentials.

If this changes, we will update this policy and apply additional safeguards and rights handling before collection.

• Directly from you (account signup, preferences, support interactions).
• Automatically from your use of our service (logs, telemetry, device/session signals).
• From integrated providers and service processors necessary to run the product (for example, email delivery providers and infrastructure vendors).

• Authenticate users and secure accounts.
• Operate and deliver product functionality.
• Personalize experiences based on user profile preferences.
• Detect abuse, investigate incidents, and enforce policies.
• Troubleshoot deliverability and reliability issues.
• Comply with legal obligations and maintain auditable records.

We may disclose personal information to:

• Service providers and processors supporting product operations.
• Professional advisers (legal, compliance, audit) under confidentiality obligations.
• Regulators, law enforcement, or courts where legally required.
• Successor entities in a merger, acquisition, or asset transfer.

We require service providers to use personal information only for authorized purposes.

As of this policy version, we do not sell or share personal information for cross-context behavioral advertising as those terms are defined under California law.

If our practices change, we will update this policy and provide applicable opt-out mechanisms.

We use essential cookies and similar mechanisms to maintain authenticated sessions, protect against abuse, and support basic product functionality.

Some analytics or operational telemetry may also use pseudonymous identifiers to measure system reliability and performance.

We retain personal information for as long as reasonably necessary to provide services, secure the platform, meet legal obligations, and resolve disputes.

Retention periods vary by data type, legal requirements, security obligations, and whether an account remains active.

We implement administrative, technical, and organizational safeguards designed to protect personal information from unauthorized access, alteration, disclosure, or destruction.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

California residents may have the right to request:

• Access to categories and specific pieces of personal information.
• Correction of inaccurate personal information.
• Deletion of personal information, subject to legal exceptions.
• Information about categories of disclosures.
• Equal service and pricing without discrimination for exercising rights.

You may also use an authorized agent where permitted by law, subject to verification requirements.

To submit a privacy or deletion request, contact privacy@belfortagent.xyz or use available in-product request tooling when signed in.

We may request additional information to verify identity before processing certain rights requests.

WM-Agent is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you believe a child provided personal information, contact us so we can investigate and take appropriate action.

We may update this policy from time to time. We will update the effective date and version and, when required, request renewed acceptance before continued use.

Privacy and data rights requests: privacy@belfortagent.xyz

Legal questions: legal@belfortagent.xyz