Privacy Policy
Last updated: 2026-05-09 · Version 2.0
1. Who We Are
WizeLife ("we", "us", "our") operates the website wizelife.ai and the suite of AI tools accessible through it — WizeMoney, WizeTravel, WizeTax, WizeHealth, and WizeDeal. Our contact email is [email protected]. We comply with the Israeli Privacy Protection Law of 1981 and applicable directives of the Israeli Privacy Protection Authority.
2. What We Collect
We collect only what's necessary to provide the service. Categories:
- Account data: your email address, display name, and password hash (Firebase Authentication).
- Financial data (sensitive): bank balances, fund holdings, stock holdings, goals, and budgets you voluntarily enter into WizeMoney. Stored under your Firebase user ID.
- Health data (sensitive): blood-test markers, vital signs, medications, and symptoms you voluntarily enter into WizeHealth. Stored locally in your browser by default; synced to Firestore only if you log in and choose to sync.
- Tax-related data: citizenships, residency, income brackets, and the questions you ask WizeTax. Used to personalise tax answers, not stored beyond your session unless you explicitly save a profile.
- Real-estate data: deal details (address, price, mortgage terms) you analyse in WizeDeal.
- Travel data: destinations, dates, trip plans entered in WizeTravel.
- AI queries: the questions you send, plus relevant context from your profile. Routed to one of: Google Gemini (default), Anthropic Claude, or OpenRouter (when explicitly selected). For tax-related questions, a derived search query may also go to Tavily for fresh regulatory data. Paid-tier APIs do NOT train on customer prompts. We do not retain prompts beyond the response.
- Aggregate analytics: page views, top routes, country (not city), device type, browser. Collected by Cloudflare Web Analytics in cookieless, server-side, aggregate-only form. No personal identifiers, no cross-session user tracking, no advertising ID. Not consent-gated because no cookies are set.
- Auto-categorisation data: if you use WizeMoney's auto-categorise feature, transaction descriptions are sent to Gemini for tagging, then results returned to your browser. Not stored on AI provider servers.
We do not use Google Analytics, Microsoft Clarity, Facebook Pixel, advertising trackers, or any cross-site identifier. We do not collect: government IDs, passport numbers, payment-card numbers (handled by Stripe directly when billing is live), biometric data, geolocation beyond country-level, or session recordings.
3. Why We Collect It (Legal Basis)
- Performance of contract: account auth, syncing your data, generating the AI answers you request.
- Legitimate interest: enforcing fair-use AI quotas, preventing abuse, debugging, aggregate analytics (Cloudflare) for service operation. No tracking cookies are set, no profile is built about you.
- Consent: marketing emails (when opted in), data sync to Firestore for sensitive WizeHealth records.
- Legal obligation: retaining records required by Israeli/EU law (e.g. tax audit if we become a billing entity).
We do not sell your data, share it with advertisers, or use it for any purpose other than operating and improving the service.
4. Where Your Data Lives (Cross-Border Transfer)
Most of our infrastructure is hosted in the United States by major cloud providers. By using WizeLife you consent to your data being processed in the US. We rely on Standard Contractual Clauses (SCCs) where applicable.
| Service | Region | What's processed |
|---|
| Firebase Auth + Firestore | US | Account, financial, goals, profile data |
| Google Gemini | US | AI queries (not retained beyond session) |
| Tavily | US | Web-search queries (financial/tax topics) |
| Render | US (Oregon) | API backends (master-backend, vitara) |
| Vercel | Global edge | WizeTax / WizeDeal frontends |
| GitHub Pages | US | WizeLife / WizeMoney static hosting |
| Cloudflare | Global edge | DNS, DDoS protection, WAF, cookieless aggregate analytics |
| Anthropic (Claude) | US | AI queries when user selects Claude provider (paid API, no training) |
| OpenRouter | US | AI queries when user explicitly switches provider |
| Resend (when active) | US | Transactional emails |
5. AI Processing — What the Models See
When you ask the AI a question, the prompt sent to Gemini may include:
- The text of your question.
- Aggregated context from your portfolio / health profile (only data you entered).
- Recent web-search results (Tavily, when enabled).
Google Gemini's API terms state that paid-tier inputs are not used to train models. Free-tier may be sampled for review per Google's policy. We use the paid tier where available.
You can review the exact system prompt and AI architecture in our public ARCHITECTURE.md.
6. Cookies & Local Storage
We use:
- Functional storage (always on):
wl_token, wl_sso, wl_lang, wl_theme, wl_plan — required to keep you logged in and remember your preferences. Strictly necessary; no consent banner under GDPR Article 6(1)(b).
- App data (always on): your portfolio, goals, health markers, etc. stored in your browser's localStorage so the app works offline. This data NEVER leaves your device unless you explicitly sync or send a chat.
- Analytics: Cloudflare Web Analytics only — cookieless and aggregate-only. No cross-session user identification, no persistent identifier, no advertising signal. Because no cookies are set and no PII is processed, no consent banner is required (per CNIL/ICO guidance for cookieless analytics).
- We do NOT use: Google Analytics, Microsoft Clarity, Facebook Pixel, Hotjar, FullStory, advertising cookies, retargeting pixels, or any cross-site tracker.
You can clear all functional storage at any time via your browser's controls; doing so will sign you out and remove cached app data.
7. Your Rights
Under Israeli Privacy Law and (where applicable) GDPR, you have the right to:
- Access — request a copy of all data we hold about you.
- Rectification — correct inaccurate data.
- Erasure — delete your account and all associated data.
- Portability — export your data in a machine-readable format (JSON).
- Object/restrict processing — opt out of analytics, marketing emails.
- Withdraw consent — at any time, with no penalty to functionality you've already used.
- Complain — to the Israeli Privacy Protection Authority (www.gov.il) or your local DPA in EU.
To exercise any right, email [email protected]. We respond within 30 days.
8. Data Retention
- Account data: retained until you delete your account.
- Financial / health / tax data: retained as long as you have an active account; deleted within 30 days of account deletion.
- Analytics: retained per Google Analytics defaults (14 months).
- Session replays (Clarity): retained 90 days then auto-purged.
- AI query logs: not retained beyond your active session unless required to debug a specific user-reported issue.
9. Security
- All traffic encrypted via HTTPS/TLS 1.2+.
- Firestore security rules: each user can only read/write their own data.
- Cloudflare DDoS + WAF protection.
- API rate limits (slowapi) on backends.
- Backend secrets stored only in Render/Vercel/GitHub encrypted secret stores.
- No staff accesses user data without legal need.
If a data breach occurs, we will notify affected users within 72 hours, as required by Israeli Privacy Law and GDPR Article 33.
10. Children's Privacy
WizeLife is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us and we will delete it.
11. Database Registration
Once WizeLife exceeds 10,000 active users, we will register our user database with the Israeli Registrar of Databases as required by the Privacy Law. Until then, the registration threshold is not met.
12. Changes to This Policy
We may update this policy occasionally. Material changes will be communicated by email and a banner on the site. Continued use after changes constitutes acceptance.