Privacy Policy
Last updated: May 4, 2026
1. Firm Identification
Wealth In Yourself LLC is a registered investment adviser with the State of Nevada. CRD #322123.
- Principal:Josh St. Laurent, MS, CFP®, CFT™, APFC®, ACC
- Principal Office: 195 Highway 50 STE 205, Zephyr Cove, NV 89448
- Contact: josh@wealthinyourself.com
2. Purpose and Scope
This Privacy Policy describes how Wealth In Yourself LLC (“the Firm,” “we,” “us,” or “our”) collects, uses, discloses, and protects the nonpublic personal information (“NPI”) and personal information (“PI”) of our clients, prospective clients, and website visitors. This policy is provided in accordance with Regulation S-P (17 CFR Part 248), the California Consumer Privacy Act (“CCPA”), and Nevada Revised Statutes Chapter 603A.
This policy applies to all information collected through our advisory services, website (wealthinyourself.com), intake forms, communications, meeting recordings, technology systems used in the delivery of advisory services, and automated and artificial-intelligence-assisted systems used in our planning and operational workflows.
3. Categories of Information We Collect
3.1 Information You Provide Directly
- Full legal name, date of birth, Social Security number, and government-issued identification
- Contact information including mailing address, email address, and phone number
- Marital and family status, dependents, and beneficiary designations
- Employment information, income, and compensation details
- Assets, liabilities, net worth, and account information
- Investment objectives, risk tolerance, and time horizons
- Tax returns, estate planning documents, and insurance policies
- Business ownership details, entity structures, and operating agreements
- Real estate holdings and related financial data
- Banking and brokerage account numbers and statements
- Values, life goals, and personal priorities shared during financial life planning sessions
3.2 Information We Collect Through Our Systems
- Meeting recordings and transcripts from video conference sessions
- Email communications and correspondence
- Intake form responses and questionnaire data
- Website browsing data, cookies, and analytics
- Scheduling and calendar information
- Signed agreements and contracts
- Billing and payment information
- Structured data fields extracted automatically from your communications and meeting transcripts (for example, action items, scheduling commitments, financial figures referenced in conversation, and life-event details mentioned during planning sessions)
- Operational context derived from interaction patterns (for example, frequency and timing of communications, response patterns, and engagement indicators that inform service delivery)
3.3 Information We Receive From Third Parties
- Account holdings, balances, and transaction data from custodians
- Credit and background information from reporting agencies (only with your consent)
- Account aggregation and transaction data from financial accounts you authorize through Plaid-enabled services such as Monarch Money (you authorize the data connection directly with the aggregation service; we receive the resulting financial information for your planning)
- Referral information from professionals in your service network
4. How We Use Your Information
- Providing personalized financial planning and investment advisory services
- Preparing financial plans, projections, and recommendations
- Executing investment transactions through our custodian
- Managing your client dashboard with meeting notes, action items, and deliverables
- Processing and summarizing meeting recordings and transcripts
- Drafting and sending communications related to your advisory engagement
- Generating and managing billing and invoicing
- Complying with regulatory requirements, including recordkeeping obligations
- Aggregating context across our systems before client meetings to support thorough preparation (for example, surfacing prior conversations, prior decisions, and current account state in a single advisor view)
- Extracting structured information from communications and meetings to populate client records and reduce manual entry (for example, capturing action items, dates, and decisions in your client record automatically)
- Surfacing relationship-care moments based on patterns we observe in your communications and engagement with us (for example, noticing a friction point you mentioned and proactively addressing it)
- Improving our advisory processes and client experience
- Marketing our services (only with aggregated, de-identified data; never your personal details)
5. Artificial Intelligence and Technology Disclosure
5.1 Categories of AI Usage
We use artificial intelligence systems, primarily Anthropic's Claude, to support the following advisory and operational functions:
- Meeting transcript summarization— generating summaries of recorded meetings for advisor review and client deliverables
- Action item and structured data extraction — identifying commitments, dates, decisions, and other structured information from meeting transcripts and communications, then populating your client record
- Email triage and drafting— categorizing inbound communications and drafting response options for advisor review
- Content creation and review support— drafting marketing communications, blog posts, and educational content for advisor review prior to publication
- Dashboard and workflow management— automating routine record-keeping operations and surfacing tasks for advisor attention
- Scheduling and calendar automation— facilitating meeting coordination
- Financial plan preparation support— drafting components of financial plans and analyses for advisor review and refinement
- Pre-meeting context aggregation— assembling relevant prior context from across firm systems to support advisor preparation for upcoming client meetings
- Hospitality moment surfacing— identifying opportunities for relationship-care gestures based on patterns observed in our interactions with you
5.2 Human Oversight Commitment
All AI-generated outputs that are client-facing or that inform advisory recommendations are reviewed by Josh St. Laurent before delivery to you. AI systems do not autonomously send communications, execute transactions, or render advice without advisor review.
5.3 AI Data Handling
Client data processed by AI systems is subject to the same confidentiality protections that apply to all client data under this policy. Our AI processing relationship with Anthropic operates under contractual terms that prohibit use of customer inputs and outputs for AI model training. Anthropic's commercial terms also limit retention of inputs and outputs to a brief period for safety review, after which the data is deleted from Anthropic's systems.
We do not use client data to train AI models. We do not sell, share, or otherwise disclose client data to third parties for AI training or development purposes.
6. Third-Party Service Providers
We engage the following third-party service providers in the delivery of our advisory services. Each provider receives only the minimum information necessary to perform its function. We periodically review the security and privacy practices of our service providers.
| Category | Provider | Data Shared |
|---|---|---|
| Custodian (Primary) | Altruist | Assets, PII, account data, transaction instructions |
| Custodian (Secondary) | Interactive Brokers | Assets, PII, account data, transaction instructions for clients with accounts at this custodian |
| Customer Relationship Management | GoHighLevel | Contact information, communication history, custom fields containing financial context, pipeline status, call recordings, SMS and email content |
| Internal Workspace | Notion | Client names, meeting notes, action items, dashboard data used for advisor-internal record-keeping |
| Cloud Workspace | Google Workspace (Gmail, Calendar, Drive) | Email communications, calendar events, document storage, file storage |
| Database and Authentication Platform | Supabase | All client data, including PII, financial records, meeting records, action items, and audit logs |
| Financial Planning Software | RightCapital | Financial data, goals, projections, financial plan deliverables |
| Cash Flow Management | Monarch Money | Bank and credit account data, income, expenses, transaction-level activity |
| Cash Flow Automation | Sequence | Bank account details, automated transfer instructions |
| AI Processing | Anthropic (Claude) | Meeting transcripts, communication content, financial context provided in prompts, content drafts, structured data extraction inputs and outputs |
| Video Conferencing and Transcription | Zoom | Meeting recordings (audio and video), VTT transcripts, participant identifiers, meeting metadata |
| Digital Signatures (transitioning) | Adobe Sign | Historical signed agreements containing PII; new agreements transitioning to GoHighLevel Documents |
| Accounting | QuickBooks Online | Billing data, invoice records |
| Intake Forms | Involve.me | Questionnaire responses containing financial and personal data |
| Newsletter Distribution | Substack | Email address and subscription engagement data for clients and prospects who subscribe to firm communications |
| Web Hosting and Operational Portal Infrastructure | Vercel | Hosting infrastructure for firm websites, client portal session data, and operational portal infrastructure; client data flows through Vercel infrastructure when client portal is in active use |
| Authentication Session Storage | Upstash Redis | Authentication session tokens for portal access; no client financial data stored |
| Transactional and Workflow Email | Resend | Email addresses, email subject lines, and email content for firm-originated communications, including transactional alerts and automated workflow communications routed from our CRM (GoHighLevel) infrastructure |
| Content Delivery and DNS | Cloudflare | DNS resolution, web property uptime monitoring; request metadata only, no client financial data |
| Workflow Automation | Zapier | Limited transient data flow between firm systems and connected services |
| Website Analytics | Google Analytics (GA4) | Aggregated website visitor data including IP address and pages viewed; visitor data is anonymized and does not identify individual visitors |
7. Disclosure of Your Information
7.1 We Do Not Sell Your Personal Information
We do not sell, rent, or trade your nonpublic personal information or personal information to any third party for any purpose.
7.2 Permitted Disclosures
We may disclose your information only in the following circumstances:
- To our custodian and service providers as necessary to deliver advisory services
- To comply with applicable laws, regulations, or legal proceedings
- To respond to regulatory examinations or investigations
- To protect our rights, privacy, safety, or property
- With your express written consent
7.3 Opt-Out Rights
You have the right to opt out of certain information sharing. To exercise this right, contact us at josh@wealthinyourself.com. We will process your request within 30 days.
8. California Consumer Privacy Act (CCPA) Disclosures
8.1 Your Rights Under the CCPA
If you are a California resident, you have the following rights under the CCPA:
- Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you.
- Right to Delete: You may request that we delete personal information we have collected, subject to certain exceptions required by law or regulation.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
- Right to Opt Out of AI Processing: You may request that we suspend AI-assisted processing of your information, as further described in Section 14 of this policy.
8.2 Categories of Personal Information Collected
We collect the categories of personal information described in Section 3 of this policy, including identifiers, financial information, professional information, and internet activity data.
8.3 Business Purpose for Collection
We collect personal information for the business purposes described in Section 4 of this policy.
8.4 Sale of Personal Information
We have not sold personal information in the preceding 12 months and do not sell personal information.
8.5 Exercising Your Rights
To exercise your CCPA rights, contact us at josh@wealthinyourself.com. We will verify your identity before processing your request and respond within 45 days.
8.6 Authorized Agents
You may designate an authorized agent to submit a request on your behalf. We may require proof of the agent's authorization and verify your identity directly.
9. Data Retention
We retain your information for the following minimum periods in accordance with regulatory requirements:
| Record Type | Retention Period |
|---|---|
| Client advisory records | Minimum 5 years from last activity |
| Financial plans | 6 years |
| Meeting recordings and transcripts | Duration of engagement plus 5 years |
| Marketing records and advertisements | 5 years from last use |
| Billing records | 7 years |
| Communications (email, CRM-recorded interactions) | 5 years from creation, with first 2 years easily accessible per Books and Records Rule 204-2 |
| System audit logs | 5 years from creation |
| AI processing inputs and outputs (Anthropic) | Brief retention period per Anthropic's commercial terms (typically 30 days for safety review), then deleted from Anthropic's systems; firm-side retention applies to any AI outputs we incorporate into client deliverables, communications, or records |
10. Data Security
We implement the following security measures to protect your information:
- Encryption of data in transit (TLS/SSL) and at rest where supported by our service providers
- Encryption at rest within our primary database (Supabase) using industry-standard encryption protocols
- Multi-factor authentication on all systems containing client data, mandatory for all firm personnel
- Role-based access controls limiting data access to authorized personnel
- Database-level row-level security policies on client-data tables, ensuring data is accessible only to authorized parties at the database query layer
- Application-level audit logging on read and write operations affecting client data, with logs retained for compliance and security review
- Regular review of third-party service provider security practices
- Designed data residency: client data stored in Supabase infrastructure in the United States; AI processing inputs and outputs handled per Anthropic's contractual terms
- Secure disposal of records containing personal information
- Password-protected and encrypted devices used for advisory operations
- Ongoing monitoring for unauthorized access or suspicious activity
- An incident response plan that specifies detection, containment, notification, and remediation procedures in the event of a security incident
11. Breach Notification
11.1 What Constitutes a Breach
A data breach occurs when there is unauthorized access to, or acquisition of, unencrypted personal information that compromises the security, confidentiality, or integrity of the information.
11.2 Notification Commitment
In the event of a data breach affecting your personal information, we will notify you within the timeframes required by applicable law, including Nevada Revised Statutes Chapter 603A, the SEC's Reg S-P amendments effective in 2026 governing notification timelines, and any applicable state laws governing residents whose information may have been affected. We will also notify the Nevada Attorney General as required by Nevada Revised Statutes Chapter 603A and any other regulators with notification rights.
12. Annual Notice
We will provide you with a copy of this privacy policy annually, as required by Regulation S-P. The most current version is always available on our website at wealthinyourself.com/privacy-policy.
13. Website Cookies and Tracking
Our website may use cookies and similar tracking technologies to improve your browsing experience and analyze website traffic. We use Google Analytics (GA4) and similar analytics tools to understand how visitors interact with our website. This data is collected in aggregate and does not identify individual visitors.
When you submit your email address to receive a lead magnet or resource, your email is used solely to deliver the requested content and, if you opt in, to send periodic educational communications. You may unsubscribe at any time.
You may disable cookies in your browser settings. Doing so may affect your experience on our website but will not affect your access to our advisory services.
14. Your Consent to AI Processing
By engaging our advisory services, you consent to the use of artificial intelligence tools as described in Section 5 of this policy.
Your Right to Limit AI Processing
You may request that we suspend AI-assisted processing of your data at any time by contacting us at josh@wealthinyourself.com. Upon receipt of an opt-out request:
- Your client record will be flagged to exclude AI processing across our systems
- AI-touching workflows that handle your data — including transcript processing, action item extraction, automated communication drafting, content generation involving your information, and pre-meeting context aggregation — will respect this flag and exclude your data from automated processing
- Manual handling will replace automated processing for your account
- Continuation of advisory services will not be affected by your decision to opt out
- We will confirm receipt of your opt-out request within five business days and confirm operational implementation within thirty days
You may revoke an opt-out at any time by contacting us. We will resume AI processing of your data only after explicit confirmation from you that the opt-out is withdrawn.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or regulatory requirements. We will notify you of material changes by posting the updated policy on our website and, for current clients, by providing notice through our regular communication channels. The “Last updated” date at the top of this page indicates when this policy was last revised.
16. Contact Us
If you have questions about this Privacy Policy or wish to exercise any of your rights, please contact us:
Wealth In Yourself LLC
Josh St. Laurent, MS, CFP®, CFT™, APFC®, ACC
195 Highway 50 STE 205
Zephyr Cove, NV 89448
Email: josh@wealthinyourself.com
Website: wealthinyourself.com
17. Automated Decisioning and Data Subject Rights
Our advisory services are delivered by Josh St. Laurent personally. While AI systems support our operations as described in Section 5, no decision affecting your account, your investments, your fees, or your advisory relationship is rendered by an AI system without human review and approval. AI systems extract structured information, draft communications, summarize meetings, and surface tasks for advisor attention; advisor judgment determines how to act on those outputs in your interest.
You have the following rights with respect to AI-assisted processing of your data:
- Right to know how AI is used: Section 5 of this policy describes the categories of AI usage in our practice. You may request additional detail by contacting us.
- Right to opt out: You may exercise the AI opt-out described in Section 14 at any time.
- Right to human review: Any output that an AI system produces about your account is reviewed by Josh St. Laurent before it informs advisory recommendations or is delivered to you. You may request additional information about the human review process for any specific deliverable.
- Right to challenge AI outputs: If you believe an AI-generated output (for example, a meeting summary, a financial plan draft, or a communication) inaccurately reflects your situation or our discussion, you may request correction; we will review and respond.