AssetView Products and Services Privacy Policy

Effective Date / Last Updated: January 19, 2026

⸻

Overview

AssetView LLC and/or its subsidiaries and affiliates (referred to as “AssetView,” “AV,” “we,” “our,” or “us”) thank you for selecting our Services.

This AssetView Products and Services Privacy Policy (“Policy”) explains how AssetView collects, uses, stores, and shares information in connection with the Services. This Policy applies to Subscribers and Designated Users to the extent they are authorized to access or use the Services. Unauthorized access or use is prohibited and does not expand AssetView’s obligations under this Policy, although information incidentally received in connection with unauthorized activity may be handled as described in this Policy and applicable law. For clarity, Subscriber controls Account-level settings, sharing permissions, and rights for the Account.

The security of your information is important to us. While we strive to protect your information using commercially reasonable safeguards, no method of transmission over the Internet or electronic storage is 100% secure.

⸻

Key Definitions

This Policy uses the following terms:

“Account” means the Subscriber’s registered account for access to the Services, including associated credentials, profiles, settings, and any Designated Users associated with such account.

“Affiliate(s)” means, with respect to a party, any entity that directly or indirectly controls, is controlled by, or is under common control with that party, where “control” means ownership of more than fifty percent (50%) of the voting interests or the power to direct management.

“Application(s)” or “App(s)” means AV-provided or third-party integrations, extensions, plugins, connectors, or other software components that add to, modify, or enable functionality in the Services, which may be offered under separate subscription terms, pricing, or Product Terms.

“Application Provider” means the legal entity (or its authorized affiliate) that provides an Application (and any related services) and is the contracting party responsible for that Application under the terms governing it. For Applications provided by AssetView, the Application Provider is AssetView LLC (or the AssetView entity identified in this Policy). Any “provider,” “developer,” “seller,” “author,” or similar label displayed within the Services (including in an app directory or listing) is provided for convenience only and is not determinative of the Application Provider or the party legally responsible for the Application.

“AV Websites” means websites owned or operated by AssetView LLC and/or its subsidiaries and affiliates, including assetview.com and any subdomains, paths, and pages (including /legal) through which AssetView makes Services, Product Terms, documentation, pricing, or other materials available.

“De-Identified Data” means data that may be derived from Personal Data and/or Personal Investment Data that does not reasonably identify a User or an Account.

“Designated User” means a person to whom Subscriber elects to share access to certain Account Content (such as a portfolio) through the Services, subject to the sharing permissions selected by Subscriber and the limitations described in the Services and applicable terms. For clarity, the Subscriber controls the Account and manages Account-level settings, permissions, and rights for the Account and its Designated Users.

“Documentation” means user guides, FAQs, support articles, technical documentation, and other materials that AssetView makes available describing features or intended use of the Services, whether within the Services or on AV Websites.

“Open-Source Software” means software components, libraries, frameworks, or code made available under open-source licenses that may be included in, incorporated into, distributed with, or used in connection with the Services.

“Personal Data” (or “PD”) means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) to a User or Account. For purposes of this Policy, information Processed by or on behalf of AV in connection with the Services will be treated as PD to the extent it identifies or relates to a User or Account (such as contact details, authentication events, device/session identifiers, billing records, support communications, and usage telemetry).

“Personal Investment Data” (or “PID”) means the account balances, positions, holdings, and transactions and related portfolio information associated with an Account Processed by or on behalf of AV in connection with the Services (including where such information is derived from documents or files a User uploads or information you enter into the Services, to the extent used to create, update, or modify accounts, balances, positions, holdings, or transactions). For purposes of this Policy, information will be treated as PID to the extent it reflects or is used to create, update, or modify accounts, balances, positions, holdings, or transactions. PID may also constitute PD to the extent it is reasonably capable of being associated with, or linked to, a User or Account; however, for purposes of this Policy, where this Policy provides PID-specific terms, those terms govern.

“Processed” means any operation performed on information, whether by automated means or otherwise, such as collecting, recording, organizing, storing, accessing, using, analyzing, modifying, transmitting, disclosing, sharing, generating, or deleting.

“Product Terms” means product- or feature-specific terms, pricing, packaging, program terms, and/or usage-limit terms made available through the Services or on AV Websites that apply to specific Service offerings, editions, features, or Applications, including definitions for product metering terms.

“Services” means all AssetView services and products made available to Subscriber, including, without limitation: (a) the web application at client.assetview.com; (b) any other resources reached at the assetview.com domain and via related subdomains, paths, or pages (excluding public marketing site content which is subject to the AssetView Websites Terms of Use and Privacy Policy); (c) any installed application clients or software that access the Services; (d) application programming interfaces (“APIs”) offered by AssetView; (e) AssetView’s cloud services (“AV’s Cloud”); (f) Applications (defined herein); (g) support, customer service, and billing operations related to the Services; and (h) professional services offered by AssetView.

“Subscriber” means the individual or entity that uses the Services under an Account and accepts the applicable AssetView services terms.

“Third-Party App(s)” or “Third-Party Developer App(s)” means an Application where the Application Provider is a third party (not AssetView).

“Third-Party Website(s)” means third-party websites or online services that are linked to or otherwise accessible from the Services or AV Websites.

“Usage” means consumption of the Services measured under applicable Product Terms, including by reference to metering concepts such as Assets, Transactions, and Connectors, and other feature- or volume-based measures that may apply to a particular Service edition or App.

"User(s)” means Subscriber and any Designated Users, in each case to the extent authorized to access or use the Services.

“You” or “your” means a User.

“Including” The words “include,” “includes,” and “including” are deemed to be followed by the words “but not limited to,” whether or not expressly stated.

⸻

What information do we collect and use?

In connection with the Services, AV may collect and use information such as your name and email address; device, session, and network identifiers (including IP address); interaction data (such as clicks, pages viewed, and features used); device and application attributes (such as type, version, and language); and usage metrics (such as counts of portfolios, users, assets, connectors, transactions, accounts, and installed Apps). The Services may also include or use third-party software components (including open-source components) and service providers to operate, secure, and improve the Services. We use this information for purposes such as billing, customer support, delivering and securing the Services, and understanding product performance and improving the Services.

⸻

How does AssetView treat your Personal Investment Data?

Your PID is not disclosed to third parties in identifiable or readable form except in the following circumstances. AV and its service providers may Process encrypted PID on AV's behalf for hosting, backup, synchronization, security, and support, subject to contractual and technical controls.

• You opt to share it through functions in AssetView. In these cases, AssetView makes reasonable efforts to advise you in advance of the share and may also provide a choice as to what PID will be shared.
• Subscriber opts to authorize a Designated User to access a portfolio. A Designated User’s access is subject to the sharing permissions Subscriber select and the limitations described in the Services. Designated Users must be independent subscribers with their own credentials. A Designated User may view (and, where enabled by your permissions, export or interact with) the portfolio(s) and associated PID until Subscriber revoke access through the Services. Subscriber is responsible for sharing choices and permissions; ensuring all rights and permissions required to share the data; and ensuring that each Designated User complies with the terms of this Policy that apply to such access.
• You install Apps. If you opt to install Apps, you are choosing to share PID with that App Provider. The treatment of PID by Apps is described below.
• Legal and safety requirements. In response to a subpoena, court order, or other valid legal process, or as otherwise required by applicable law.
• Protection of rights and security. Where AV believes in good faith that disclosure is reasonably necessary to protect the rights, property, or safety of AV, users of the Services, third parties, or the public.

If you share PID with a third party, that recipient will have access to the PID you authorized from the time you grant access until you revoke access through the Services. After you revoke access, the recipient will not receive further updates through the Services. However, the recipient may retain information previously accessed, exported, copied, cached, or saved prior to revocation, and AssetView cannot control how a recipient stores or uses data outside the Services.

⸻

How does AssetView interact with AI?

If you opt to use AssetView’s AI features, you are choosing to share certain PID (and/or related context) with one or more third-party AI models for processing. AssetView applies technical controls designed to limit the detail shared and reduce the likelihood that shared data is personally identifiable; however:

• You control (a) the names and labels you assign to accounts and assets that may be included in AI prompts and outputs, and (b) the content of your AI conversations;
• You are responsible for ensuring you do not include personally identifiable information (or other sensitive information) in account or asset names, labels, uploaded documents, or chat messages submitted for AI processing unless you intend for such information to be processed by the selected AI provider; and
• AI models are owned by independent entities from AssetView. Their processing may be governed by their own terms and policies. AssetView may present, within the Services, the AI provider options available at a given time (and any provider-specific notices). Please review provider notices before enabling or using AI features.

AI outputs may be inaccurate, incomplete, or inappropriate and are provided for informational purposes only. You are responsible for verifying outputs before relying on them.

⸻

Can I purge my Personal Investment Data from AssetView?

Yes, Subscriber may delete portfolios and associated PID through the Services. Designated Users may be able to remove locally stored copies from their own devices (for example, by clearing site data), but only the Subscriber may delete portfolios or manage Account-level retention and settings. The Services generally store information locally first (including, as applicable, within an installed application’s storage or a browser’s site storage such as cache, IndexedDB, or local storage) and may transmit and store an encrypted copy of PID in AV’s cloud for backup, synchronization, and continuity of the Services. Deletion behavior depends on the Subscriber’s Account configuration and the features enabled for the Account (and, as applicable, each User’s device/browser settings):

• Local storage. Portions of PID may reside locally on User devices and/or within browser storage. Clearing site data for the AssetView domain may remove locally stored data from that browser. You acknowledge that local copies may exist across multiple browsers and devices and may require deletion on each.
• AV cloud systems, synchronization, and encrypted backups. If PID is stored in AV’s cloud systems (including encrypted backups, synchronization, or other cloud-dependent features), then upon deletion of a portfolio, or upon expiration or termination of the Services for the Subscriber's Account, AssetView will delete the applicable PID from its active production systems within a commercially reasonable time, subject to (a) normal backup cycles and technical constraints (including retention and rolling deletion/overwriting of encrypted backups), and (b) any legal, security, fraud-prevention, dispute, or compliance hold where retention is required or permitted by law. For clarity, PID may persist for a limited period in encrypted backups, disaster recovery systems, or logs consistent with those backup cycles and technical constraints.
• Third parties. Where PID is shared with a third-party (e.g if you share a portfolio with a Designated User or use AI features), such third parties may retain data pursuant to their own terms and policies. AV does not control retention or deletion of data once transmitted to or stored by third parties outside the Services.
• Account termination; trial expiration. Upon trial expiration without subscription, cancellation by the Subscriber, or termination of the Services for the Subscriber's Account, AV may, subject to applicable law, delete portfolios and associated PID from AV systems and/or delete or inactivate connections between AV and third parties associated with Subscriber’s account, consistent with AV’s data retention practices.
• Copies outside the Services. AssetView cannot delete copies of PID or other information that you store or save outside the Services (for example, exported files, downloaded reports, screenshots, or information stored in third-party Apps, devices, or services).

⸻

How does AssetView treat your Personal Data?

AssetView does not sell your PD. AV uses PD for purposes including:

• billing and Account administration (including subscription management), at the direction of the Subscriber;
• authentication and access management for Users (with Account-level permissions controlled by the Subscriber);
• customer support, processing requests for assistance;
• bug-fixing, diagnostics, and analytics to improve products and services;
• security monitoring including, but not limited to, fraud, abuse, and misuse prevention;
• communicating important information (e.g., security notifications, product updates, administrative messages);
• value-added services and marketing/advertising operations; and
• complying with legal obligations and enforcing our policies and agreements.
  For clarity, our marketing/advertising uses of PD are limited to first-party marketing communications and high-level measurement; we do not use PD to run third-party targeted advertising campaigns unless we clearly disclose and provide choices where required by law. Where required by law, each User may have choices to opt out of certain marketing communications sent to that User (see “Your Rights and Choices” below).

AV may disclose PD to the following categories of recipients, only as necessary for the purposes described in this Policy:

• Internal personnel. AV employees and authorized personnel, only as needed for the purposes described above and subject to access controls and confidentiality obligations.
• Service providers. Third-party contractors, affiliates, subsidiaries, and other service providers that perform services on AV’s behalf (such as hosting, billing, customer support, communications delivery, security monitoring, and analytics). Service providers may include vendors and software components used for hosting, authentication, payments, diagnostics, and analytics, which may include open-source software components and third-party libraries used within the Services. Their use of PD is subject to contractual obligations and safeguards intended to ensure they use PD only to provide services to AV, and AV takes steps to limit their access, use, and disclosure of PD consistent with this Policy, including technical, organizational, and administrative safeguards. The service providers we use may change from time to time. Examples of key service providers include:
  • Microsoft (Cloud Services): cloud hosting, storage, and related infrastructure services.
  • Clerk (Authentication): user authentication and access management. AV does not store your authentication credentials (e.g., passwords or OAuth secrets).
  • Plaid (Financial Institution Connectivity): enables connections to supported financial institutions. Financial institution credentials are provided directly to Plaid, and AV does not store those credentials.
  • Stripe (Payments): subscription payment processing. Payment information is provided directly to Stripe, and AV does not store payment method details (though AV may store a token or identifier to administer billing).
• Legal and safety. In response to a subpoena, court order, or other lawful governmental request; where required or permitted by law; or when AV believes in good faith that disclosure is reasonably necessary to protect the rights, property, or safety of AV, our users, third parties, or the public.

AssetView may retain Personal Data (“PD”) and related service logs and operational records (including audit logs, authentication logs, and operational diagnostics) as reasonably necessary for Account administration (including subscription and billing, at the direction of the Subscriber); providing, maintaining, and improving the Services; billing and payment processing; maintaining system integrity; security and fraud prevention; dispute resolution; compliance with applicable law; enforcing this Agreement; and establishing, exercising, or defending legal claims—and, where permitted by applicable law and your choices, for communications and marketing purposes. AssetView retains such information only for as long as reasonably necessary for these purposes and as permitted by applicable law.

The Services are not intended for individuals under 18, and we do not knowingly collect Personal Data from individuals under 18. If we learn that we have collected Personal Data from an individual under 18, we will take reasonable steps to address the issue, including deletion where appropriate and as required by applicable law.

⸻

How does AssetView treat De-Identified Data?

AssetView may generate De-Identified Data (defined herein) to operate, maintain, secure, support, and improve the Services, including for analytics, product development, performance optimization, reliability, fraud and abuse detection and prevention, security monitoring, benchmarking, and internal business analysis. AssetView may also use De-Identified Data for high-level, non-targeted marketing and advertising analytics (for example, to understand feature adoption or product performance), but not to identify, contact, or target you or any individual.

De-Identified Data may be retained, used, and disclosed by AssetView for these purposes. AssetView will maintain De-Identified Data in de-identified form and will not attempt to re-identify De-Identified Data except as necessary to validate de-identification processes, detect or respond to security incidents, or comply with applicable law. AssetView will not disclose De-Identified Data in a manner that reasonably could re-identify any individual.

⸻

How is App data treated?

If you enable an App, information shared with the App may include PID and/or PD. The App may then share PID and/or PD with third parties (e.g., to perform AI functions). Where feasible, the Services may present disclosures describing (a) the categories of information the App will access from your AssetView account (based on settings you choose) and (b) whether the App indicates it will share that information with third parties. These disclosures may be provided by the Application Provider, and AssetView does not guarantee their completeness.

Third-Party Apps are governed by the Application Provider’s own terms, policies, and notices. AssetView does not control, and is not responsible for how an Application Provider uses, retains, or discloses data under its own terms. When you install or enable a Third-Party App, the Services may present additional disclosures and/or require you to accept the Application Provider’s terms, policies, or notices. Please review them before installing, enabling, or using a Third-Party App. For clarity, Apps and other components used with the Services may include third-party and/or open-source software components. This Policy addresses data handling; license terms for software components are addressed in the applicable AssetView services terms and third-party notices.

⸻

Your Rights and Choices

Depending on where you live and applicable law, you may have certain rights and choices regarding your information, which may include:

• Access and portability: requesting a copy of certain PD related to that User’s use of the Services and, where applicable, PID associated with portfolios the User is permitted to access;
• Correction: requesting corrections to inaccurate PD about that User;
• Deletion: requesting deletion of certain PD; and Subscriber may delete portfolios and associated PID (Designated Users may request the Subscriber to delete or revoke access, as applicable).
• Marketing preferences: opting out of certain marketing communications sent to that User (you may still receive important administrative and security messages).

Subscriber controls Account-level settings. If you are a Designated User, certain actions (such as deleting a shared portfolio, changing Account settings, or managing other users’ access) may require the Subscriber to take action.

To exercise rights or request assistance, contact us using the information below. We may take reasonable steps to verify your identity (and, where applicable, your authority to act for the Subscriber or access the relevant portfolio) before fulfilling certain requests. In some cases, we may deny or limit a request as permitted by law (for example, where we cannot verify your identity or where an exception applies). Where required by applicable law, you may appeal our decision by contacting us using the information below.

⸻

Business Transfers

If AV, or substantially all of its assets, were acquired, or in the unlikely event that AV goes out of business or enters bankruptcy, PD, PID, and other information processed in connection with the Services may be among the assets transferred or acquired. You acknowledge that such transfers may occur, and that any acquirer of AV may continue to use PD, PID, and other information processed in connection with the Services as set forth in this Policy, subject to applicable law.

⸻

Policy Changes

AssetView may update this Policy from time to time in its sole discretion. We encourage you to review this Policy periodically. If we make material changes, we will provide notice through the Services, such as by email to the address associated with the Account (typically the Subscriber’s email), an in-app notice, and/or by posting the updated Policy with a new effective date. Where required by applicable law, we will obtain your consent or require you to acknowledge the updated Policy. To the extent permitted by law, your continued use of the Services after the effective date of an updated Policy constitutes your acceptance of the updated Policy. ⸻

Contact Us

If you have questions about this Policy or want to exercise your rights, contact us at legal@assetview.com or write to: AssetView, Attn: Legal, 66 W Flagler Street, Suite 900, PMB 12192, Miami, Florida 33130, United States.