🔒 Security & Privacy

Your Data is Protected

WealthSignal is built on industry-standard security practices. Here's exactly how we protect your account, data, and trust.

🔐

Encryption in Transit & at Rest

  • All data transmitted over TLS 1.2 / 1.3 (HTTPS enforced on every request)
  • Database encrypted at rest via Neon Postgres AES-256
  • Sensitive credentials stored with bcrypt (cost factor 12)
  • Session tokens signed with HMAC-SHA256 and expire automatically
🛡️

Authentication & Session Security

  • Passwords hashed with bcrypt — never stored in plain text
  • JWT sessions with short expiry and httpOnly cookie options
  • Two-factor authentication (2FA) available via TOTP authenticator apps
  • Rate limiting on login & password reset to prevent brute-force attacks
  • Account lockout after repeated failed attempts
💰

No Real Money — Paper Trading Only

  • WealthSignal uses 100% simulated funds — no real money is at risk
  • We do not store bank account numbers or credit card details
  • Subscription billing is handled by Stripe (PCI-DSS Level 1 certified)
  • WealthSignal never touches your banking credentials
  • Live trading (future feature) will be fully disclosed before launch
☁️

Infrastructure & Uptime

  • Hosted on Render — enterprise-grade cloud infrastructure
  • Database powered by Neon Postgres — serverless with point-in-time recovery
  • Automated backups & disaster recovery
  • DDoS protection & Web Application Firewall (WAF)
  • 99.9% uptime SLA — monitor live at /status

🤝 Privacy — We Never Sell Your Data

WealthSignal collects only the information needed to provide the service — your email, trading activity, and preferences. We never sell, rent, or share your personal data with third-party marketers.

You can request a full export or deletion of your data at any time. Read our complete Privacy Policy for details on what we collect and how it's used.

We comply with CCPA (California Consumer Privacy Act) and are COPPA-compliant — the platform is restricted to users aged 18+.

⚖️ Regulatory Compliance

Paper Trading — Active

Fully operational. All trading is simulated. No SEC registration required for educational paper trading.

SEC Registration — In Progress

We are pursuing SEC registration as an Investment Adviser to enable live trading features. All live trading features are currently locked until approval is granted.

Broker-Dealer Partnership — Coming Soon

When live trading launches, brokerage services will be provided by a FINRA/SIPC member broker-dealer. WealthSignal itself is not a broker-dealer.

FINRA BrokerCheck

All broker-dealer operations will be conducted through FINRA-registered entities only. Verify on FINRA BrokerCheck →

SIPC Insurance — Pending Live Trading

Customer brokerage accounts will be protected by SIPC up to $500,000 (including $250,000 for cash claims) when live trading launches.

🔍 Responsible Disclosure

Found a security vulnerability? We appreciate responsible disclosure. Please email us at security@wealthsignal.net with:

We aim to acknowledge reports within 48 hours and provide remediation timelines. We do not currently offer bug bounties, but we'll publicly credit researchers who help improve our security (with their permission).

Questions or Security Concerns?

Our team takes security seriously. Reach out any time and we'll respond promptly.

📬 Contact Us Privacy Policy
SEC registration pending · Paper trading is for educational purposes only · Terms · Privacy