Privacy & Data Security
Last updated: March 03, 2026
Fiduciary Data Commitment
Savvport operates as a Zero-Trust infrastructure provider. We recognize that Financial Advisors handle sensitive household data. Our systems are architected to ensure that your firm's data—and your clients' data—remains private, encrypted, and isolated from all other users of the Terminal.
1. Data Architecture & Isolation
Unlike retail tools, Savvport utilizes Row-Level Security (RLS) powered by Supabase. This means:
- Firm Isolation: Your client households are cryptographically separated from other firms.
- No AI Training: We do not use your uploaded client data or proprietary strategy notes to train our AI models (Perplexity/LLMs).
- AES-256 Encryption: Data is encrypted at rest and in transit via TLS 1.3.
2. Information We Process
- Advisor Identity: Name, professional email, firm credentials, and billing details.
- AUM Ingestion: Portfolio symbols, share quantities, and cost basis (processed for risk audits).
- White-Label Metadata: Firm logos and advisor bios used for the PDF Report Factory.
Note: We do not store brokerage passwords. We ingest data via secure CSV or read-only API keys.
3. Regulatory Compliance
Savvport provides the necessary audit logs and data controls to assist your firm in meeting the following standards:
LGPD (Brazil)
Full data deletion and revocable consent workflows for our São Paulo-based operations.
GDPR (EU)
Strict data portability and right-to-be-forgotten protocols.
CCPA/CPRA
Opt-out rights for California residents (though we never sell information).
SEC/FINRA
Maintenance of audit trails for AI-generated investment findings.
4. Third-Party Sub-Processors
To provide institutional-grade intelligence, we partner with:
- Stripe: Payment processing (PCI-DSS Level 1).
- Supabase: Encrypted Database & Auth (SOC2 Compliant).
- Perplexity AI: Financial narrative synthesis (Stateless processing).
- Alpha Vantage: Market data feed.
5. Data Retention & Deletion
Upon termination of your Firm License, you may request a full export of your data. Following export, all client ingestion data is purged from our production databases within 30 days, satisfying regulatory "Right to be Forgotten" requirements.
Security Contact
For Data Protection Officer (DPO) inquiries or to request a SOC2 Type II report (Institutional Tier only), please contact:
privacy@savvport.com