Privacy Policy

Last updated: 2026-06-16 · Version 2.2

1. Who We Are

WizeLife ("we", "us", "our") operates the website wizelife.ai and the suite of AI tools accessible through it — WizeMoney, WizeTravel, WizeTax, WizeHealth, and WizeDeal. Our contact email is hi@wizelife.ai. We comply with the Israeli Privacy Protection Law of 1981 and applicable directives of the Israeli Privacy Protection Authority.

2. What We Collect

We collect only what's necessary to provide the service. Categories:

Account data: your email address, display name, and password hash (Firebase Authentication).
Financial data (sensitive): bank balances, fund holdings, stock holdings, goals, and budgets you voluntarily enter into WizeMoney. Stored under your Firebase user ID.
Health data (sensitive): blood-test markers, vital signs, medications, and symptoms you voluntarily enter into WizeHealth. Stored locally in your browser by default; synced to Firestore only if you log in and choose to sync.
Tax-related data: citizenships, residency, income brackets, and the questions you ask WizeTax. Used to personalise tax answers, not stored beyond your session unless you explicitly save a profile.
Real-estate data: deal details (address, price, mortgage terms) you analyse in WizeDeal.
Travel data: destinations, dates, trip plans entered in WizeTravel.
AI queries: the questions you send, plus relevant context from your profile. Routed to one of: Google Gemini (default), Anthropic Claude, Groq, or OpenRouter (when explicitly selected). For tax-related questions, a derived search query may also go to Tavily for fresh regulatory data. Paid-tier APIs do NOT train on customer prompts. We do not retain prompts beyond the response.
Aggregate analytics: page views, top routes, country (not city), device type, browser. Collected by Cloudflare Web Analytics in cookieless, server-side, aggregate-only form. No personal identifiers, no cross-session user tracking, no advertising ID. Not consent-gated because no cookies are set.
Auto-categorisation data: if you use WizeMoney's auto-categorise feature, transaction descriptions are sent to Gemini for tagging, then results returned to your browser. Not stored on AI provider servers.
Error & crash diagnostics: when the app hits an uncaught JavaScript error or an unhandled promise rejection, we capture a compact diagnostic record — the error message, the stack trace, the app id (e.g. WizeMoney), and a sanitised page URL — and send it to our own first-party endpoint (a WizeLife Cloud Function that writes to our own Firestore errorLogs collection). This record is PII-stripped before it leaves your browser (emails and long digit sequences are redacted) and is first-party only — no Sentry, no third-party error-monitoring service, no cookies, and no persistent profile. It is throttled and runs to keep the apps working (legitimate interest), kept for diagnostics, then deleted when no longer needed.
Usage analytics (consent-gated): if you accept analytics in the consent banner, we store a first-party anonymous id (wl_anon) in your browser and record basic funnel events (e.g. which steps you reach) to understand how the product is used. This fires only after you consent, uses no third parties and no advertising, and is not tied to your name. If you choose "Essential only", no wl_anon id and no funnel events are collected.

We do not use Google Analytics, Microsoft Clarity, Facebook Pixel, advertising trackers, or any cross-site identifier. We do not collect: government IDs, passport numbers, payment-card numbers (our payment processor, PayPal, handles card and account details directly — we never see or store your full card number), biometric data, or geolocation beyond country-level. We do not use session-replay or screen-recording tools — our only diagnostic capture is the PII-stripped, first-party error & crash record described above (it records error/stack details, never a recording of your screen or session).

3. Why We Collect It (Legal Basis)

Performance of contract: account auth, syncing your data, generating the AI answers you request.
Legitimate interest: enforcing fair-use AI quotas, preventing abuse, debugging, PII-stripped first-party error & crash diagnostics, and aggregate analytics (Cloudflare) for service operation. No tracking cookies are set, no profile is built about you.
Consent: usage analytics (the wl_anon anonymous id and funnel events, via the consent banner), marketing emails (when opted in), and data sync to Firestore for sensitive WizeHealth records.
Legal obligation: retaining records required by Israeli/EU law (e.g. tax audit if we become a billing entity).

We do not sell your data, share it with advertisers, or use it for any purpose other than operating and improving the service.

4. Where Your Data Lives (Cross-Border Transfer)

Most of our infrastructure is hosted in the United States by major cloud providers. By using WizeLife you consent to your data being processed in the US. We rely on Standard Contractual Clauses (SCCs) where applicable.

Service	Region	What's processed
Firebase Auth + Firestore	US	Account, financial, goals, profile data
Google Gemini	US	AI queries (not retained beyond session)
Tavily	US	Web-search queries (financial/tax topics)
Google Cloud Run	US	API backends (WizeTax, WizeHealth, WizeTravel)
Vercel	Global edge	WizeTax / WizeDeal frontends
GitHub Pages	US	WizeLife / WizeMoney static hosting
Cloudflare	Global edge	DNS, DDoS protection, WAF, cookieless aggregate analytics
Anthropic (Claude)	US	AI queries when user selects Claude provider (paid API, no training)
OpenRouter	US	AI queries when user explicitly switches provider
Groq	US	AI queries when user explicitly selects the Groq provider (WizeHealth)
Resend (when active)	US	Transactional emails
PayPal	US / EU	Subscription billing & payment processing (WizeMoney Pro/YOLO)

4A. Who We Share Data With (Processors & Recipients)

We do not sell your personal data and we do not share it with advertisers. We do rely on a small number of vetted service providers ("processors") who handle data strictly on our behalf and under contract, solely to operate the service. Under Articles 13–14 GDPR, these are the categories of recipients:

Recipient	Purpose	Data shared
Google / Firebase	Authentication, database, hosting, AI (Gemini), first-party error logging	Account, app data you store, AI prompts, PII-stripped error records
Cloudflare	DNS, DDoS/WAF protection, cookieless aggregate analytics	Network metadata; aggregate, non-identifying analytics only
PayPal	Payment processing for paid plans (WizeMoney Pro/YOLO)	Billing identifiers and payment details (handled by PayPal directly; we never receive your full card number)
Resend	Transactional & (opted-in) email delivery	Email address and message content
Anthropic (Claude) / OpenRouter	AI processing when you explicitly select that provider	Your AI prompt and the profile context you chose to include (paid APIs; no model training)
Tavily	Web search to ground AI answers (financial/tax topics)	A derived search query (not your raw personal data)

We may also disclose data where required by law (e.g. a valid legal order) or to protect our rights and the safety of users. We do not transfer your data to any party for their own independent marketing.

5. AI Processing — What the Models See

When you ask the AI a question, the prompt sent to Gemini may include:

The text of your question.
Aggregated context from your portfolio / health profile (only data you entered).
Recent web-search results (Tavily, when enabled).

Google Gemini's API terms state that paid-tier inputs are not used to train models. Free-tier may be sampled for review per Google's policy. We use the paid tier where available.

You can review the exact system prompt and AI architecture in our public ARCHITECTURE.md.

6. Cookies & Local Storage

We use:

Functional storage (always on): wl_token, wl_sso, wl_lang, wl_theme, wl_plan, wl_consent (remembers your analytics choice) — required to keep you logged in, remember your preferences, and honour your consent decision. Strictly necessary; no consent banner under GDPR Article 6(1)(b).
App data (always on): your portfolio, goals, health markers, etc. stored in your browser's localStorage so the app works offline. This data NEVER leaves your device unless you explicitly sync or send a chat.
Aggregate analytics: Cloudflare Web Analytics — cookieless and aggregate-only. No cross-session user identification, no persistent identifier, no advertising signal. Because no cookies are set and no PII is processed, this does not require consent (per CNIL/ICO guidance for cookieless analytics).
Usage analytics (consent-gated): a first-party anonymous id wl_anon plus funnel events, stored in your browser only if you choose "Accept all" in the consent banner. No third parties, no advertising, not tied to your identity. Choose "Essential only" and none of this is set.
Error & crash diagnostics (no cookies): PII-stripped error/stack-trace records sent to our first-party endpoint to keep the apps working. No persistent identifier is stored on your device for this, and no third-party error service is used.
We do NOT use: Google Analytics, Microsoft Clarity, Facebook Pixel, Hotjar, FullStory, advertising cookies, retargeting pixels, or any cross-site tracker.

You can clear all functional storage at any time via your browser's controls; doing so will sign you out and remove cached app data.

Accessibility Statement

We want WizeLife to be usable by everyone, including people who rely on assistive technologies. We aim to follow the Web Content Accessibility Guidelines (WCAG) 2.1 Level AA and continue to improve as we find gaps. If you encounter an accessibility barrier, or need information in an alternative format, email hi@wizelife.ai and we will work with you to provide the content or fix the issue.

7. Your Rights

Under Israeli Privacy Law and (where applicable) GDPR, you have the right to:

Access — request a copy of all data we hold about you.
Rectification — correct inaccurate data.
Erasure — delete your account and all associated data.
Portability — export your data in a machine-readable format (JSON).
Object/restrict processing — opt out of analytics, marketing emails.
Withdraw consent — at any time, with no penalty to functionality you've already used.
Complain — to the Israeli Privacy Protection Authority (www.gov.il) or your local DPA in EU.

To exercise any right, email hi@wizelife.ai. We respond within 30 days.

8. Data Retention

Account data: retained until you delete your account.
Financial / health / tax data: retained as long as you have an active account; deleted within 30 days of account deletion.
Aggregate analytics: Cloudflare Web Analytics is cookieless and aggregate-only — no per-user Cloudflare record is stored about you. (We do not use Google Analytics, Microsoft Clarity, or any session-replay tool.)
Usage analytics (consent-gated): if you accept analytics, the first-party anonymous id (wl_anon) and funnel events are kept only to compute product-usage statistics, and only for as long as needed for that purpose. They are tied to an anonymous id, not your identity. Withdrawing consent or clearing browser storage stops and removes this collection.
Error & crash diagnostics: PII-stripped error/crash records in our first-party errorLogs are kept only as long as needed to diagnose and fix issues, then deleted.
AI query logs: not retained beyond your active session unless required to debug a specific user-reported issue.

9. Security

All traffic encrypted via HTTPS/TLS 1.2+.
Firestore security rules: each user can only read/write their own data.
Cloudflare DDoS + WAF protection.
API rate limits (slowapi) on backends.
Backend secrets stored only in Google Cloud / Vercel / GitHub encrypted secret stores.
No staff accesses user data without legal need.

If a data breach occurs, we will notify affected users within 72 hours, as required by Israeli Privacy Law and GDPR Article 33.

10. Children's Privacy

WizeLife is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us and we will delete it.

11. Database Registration

Once WizeLife exceeds 10,000 active users, we will register our user database with the Israeli Registrar of Databases as required by the Privacy Law. Until then, the registration threshold is not met.

12. Changes to This Policy

We may update this policy occasionally. Material changes will be communicated by email and a banner on the site. Continued use after changes constitutes acceptance.

13. Contact

Questions about this policy? Email hi@wizelife.ai.