Privacy Policy

Effective date: 1 July 2023

This Privacy Policy (“Policy”) applies to all websites, applications, and other services by WealthCounsel that link to this Policy (our “Services”).

Who we are:

In this Policy, “WealthCounsel” means WealthCounsel, LLC and its parent company and affiliates (collectively, “we”, “us, “our”).

Where your personal information is provided directly to WealthCounsel, WealthCounsel is the controller of your personal information.

Where you access the Services via one of our clients, the controller of your personal information is the entity that has the contract with us and WealthCounsel processes your personal information as a data processor.

This Policy:

This Policy explains how we collect, use, maintain, and disclose information collected about you, including when you visit our website or use our Services, attend one of our events, or otherwise interact with us. This Policy also describes your choices regarding use, access, deletion, and correction of your personal information. By submitting your personal information to us, interacting with our website, or using our Services, you acknowledge and agree to the processing of your personal information as set out in this Policy. If you do not agree to this Policy, you should not use the Services or interact with our website.

If you use our Services as part of an entity or organization that has an agreement with us (such as your employer), the terms of that organization’s contract with us for the Services apply to our collection or use of your personal information through the Services and may restrict processing further than as set out in this Policy.

Contact Us

If you have questions about this Policy, or how we collect, use, or otherwise process your personal information, please contact us at:

Privacy Officer, WealthCounsel

privacy@ati-global.com
(888) 659-4069
3 2nd Street, Suite 501
Jersey City, NJ 07302

Information we collect, how we use it, and the legal basis we rely on to do so:

When you use or access our Services or otherwise interact with us, we may collect a variety of information about you that contains information that identifies you or may be combined with other information to identify you (your “personal information”). We may collect this personal information from you or others acting on your behalf (e.g., your employer), from third parties, or automatically through use of the Services.

1. From you or someone acting on behalf of you (e.g., your employer):

Information type	Purpose of Collection and Use	Legal basis
Information submitted to us via our website or in discussions about our Services including your name, email, phone number, and employer’s street address (“Contact Data”) and information about your firm or employer (employer name, phone number, practice area)	To communicate with you about the Services or events that we offer and to provide recommendations for products and services	Legitimate interest (business development) Performance of contract Consent from the data subject (which may be withdrawn at any time)
Support information related to a request for assistance with the Services including Contact Data and usage information within the Services	To respond to support requests and improve the Services	Performance of a contract Legitimate interest (service improvement)
Event information including your disability, accessibility, or dietary requirements (that may include religious affiliation or health information) and Contact Data	To register you for events and accommodate disability, accessibility, or dietary requirements at events	Legitimate interest (business development) Consent from the data subject (which may be withdrawn at any time)
Payment information associated with an event or contract for the Services	Billing	Performance of a contract
Information about your role in a firm e.g., firm information, your Contact Data, billing rate, area of practice that is submitted to the Services by an administrator	To facilitate use of the Services	Performance of a contract

2. From others:

Information type	Purpose of Collection and Use	Legal basis
Event information from our event partners including Contact Data	To market relevant products and services	Legitimate interest (business development)
Information regarding your interaction with our campaigns, how you use our website, and how you interact with our communications (e.g., emails through cookies and third-party analytics tools)	To provide information that may be relevant to you, aimed at driving engagement	Legitimate interest (business development)
Deidentified data about how you use our Services	Internal training and troubleshooting To report on usage of and to improve the Services	Legitimate interest (service improvement)
Information from our existing clients, partners, or users including Contact Data	To market relevant products and services	Legitimate interest (business development)
Information that is publicly available about you (e.g., LinkedIn)	To market relevant products and services	Publicly available information Legitimate interest (business development)

3. Automatically:

Information type	Purpose of Collection and Use	Legal basis
Information about usage of our Services that may include IP addresses and Contact Data from automatic logging services	Security and / or support investigations and improvement of the Services	Compliance with legal obligation Performance of contract
Information submitted or stored within the Services or transferred to the Services by an integration partner such as matter information and files that may incidentally include sensitive data including copies of identification documents	To facilitate use of the Services and support investigations and improvement of the Services	Performance of contract
Device data when you use one of our applications	To understand usage of the Services and make improvements	Legitimate interest (Service improvement)

Where permitted by applicable law and our obligations in contracts with our clients, we may aggregate your non-personally identifiable data and use this data to analyze or improve our Services.

When we act as a data processor or service provider on behalf of our clients, we will process personal information in compliance with the instructions of the client, who acts as data controller of such personal information.

Who do we share your personal information with?

Where permitted by applicable law, we share your personal information for third parties to deliver the Services or in our legitimate interest. These third parties include:

• Our affiliated companies and offices, which are generally located in the United States, Canada, United Kingdom, Ireland, Poland, Australia, and New Zealand.
• Our professional advisors, such as our auditors, accountants, and lawyers.
• Third-party service providers who perform services on our behalf in connection with our Services. The services provided by such third parties include:
  • billing and processing payments;
  • marketing communications providers;
  • maintenance and support of the Services;
  • hosting and backup of the Services;
  • security of the Services;
  • improvement of the Services; and
  • analytics and reports on the Services.
  • Third party suppliers who develop and maintain integrations with WealthCounsel.
  • Any other third party where you have provided your consent.
  • Other third parties in connection with corporate activities such as mergers or acquisitions or refinancings.

We may disclose personal information to regulatory authorities and other third parties to comply with a regulatory or legal obligation, to enforce our rights, or where we have a good faith belief that it is necessary for the protection of a legitimate or vital interest such as the safety of a person or property, to the extent permitted by applicable law.

Changes to this Policy

We may update this Policy from time to time for reasons such as operational or regulatory changes. If we make any changes, we will notify you by posting the revised Policy on this page, revising the “Effective Date” at the top of this Policy and, in some cases, we may provide you with additional notice such as within our Services or by sending an email. We encourage you to review our Policy regularly for any changes.

Children

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from individuals under the age of 18. If you become aware that an individual under the age of 18 has provided us with personal information, please contact us using the contact details contained in the “Contact Us” section at the beginning of this Policy. If we become aware that an individual under the age of 18 has provided us with personal information, we will take steps to delete such information.

International transfers

Our Service is hosted and operated in the United States, with affiliate operations in Canada, the United Kingdom, Ireland, Poland, Australia, and New Zealand and other service providers. By using our Services you acknowledge that your personal information may be accessed by us or transferred to us in those jurisdictions, and accessed by or transferred to our personnel, affiliates, partners, and service providers who are located around the world.

As required by applicable laws, we take appropriate measures to ensure adequate protection of your personal information when it is transferred internationally and, if necessary, seek your prior consent.

Please note that your personal information may be subject to the laws of the jurisdiction in which you or your personal information are situated.

How we protect your personal information while processing, transferring or sharing it

We are committed to ensuring that your information is secure. To prevent unauthorized access or disclosure of personal information we have put in place suitable physical, electronic, and managerial procedures to ensure the security of personal information we hold and process. Some examples of the measures we take to help protect your personal information include:

• the use of suitable password protection measures and access privileges to monitor and control access to our IT systems;
• imposing restrictions on physical access to paper files;
• requiring any third parties engaged by WealthCounsel to provide appropriate assurances to handle personal information in a manner consistent with applicable law (including, where applicable, SCCs); and
• taking reasonable steps to securely destroy or de-identify personal information after it is no longer required.

However, the internet is not a secure environment and we cannot warrant that the personal information you share will be completely secure. When you share personal information with us, you do so at your own risk and we recommend that you take security precautions to protect your personal information on the internet. It is your responsibility to keep your password to our Services safe. You should notify us as soon as possible using the “Contact us” section at the beginning of this Policy if you become aware of any misuse of your password, or compromise of the security of the Services, and immediately change your password within the Services.

Storage of personal information

When you cease engaging with us or using the Services, we will store your personal information in identifiable form for the period permitted by applicable laws while we have a legitimate purpose for doing so.

Links to other websites or third-party applications

Our website may contain links to other websites of interest. You should note that we do not have any control over external websites or their privacy procedures. You should exercise caution and review the privacy statement of any website before providing your personal information.

When you use a third-party application within our Services, you are responsible for any transfers of data (including personal information) to those applications. We have no control over, and take no responsibility for, the privacy practices or content of these applications. You are responsible for checking the privacy policy of any such applications so that you can be informed of how they will handle personal information.

Your rights in relation to your personal information

You have the option to not share information with us. If you choose not to share your personal information with us this may mean you are unable to create a user account or take advantage of some features in our Services. Please note, some information may still be collected about you automatically through your use of our Services.

For personal information that we process on behalf of our clients, we do so on the instructions of the client as a controller. If we process your information on behalf of a client and you wish to exercise any of your data protection rights under applicable law, please contact the relevant client directly.

You may have rights under data protection laws in relation to the personal information we hold about you, depending on which laws are applicable such as:

• Access: the right to request information regarding our processing of your personal information and access to the personal information which we hold about you.
• Correction: the right to request that we correct the personal information we hold about you if it is inaccurate or incomplete.
• Erasure: the right to request the deletion of your personal information in certain circumstances.
• Restriction: the right to object to, and requesting that we restrict, our processing of your personal information in certain circumstances.
• Transfer: the right to request transfer of your personal information directly to a third party where this is technically feasible.

To submit a request or complaint regarding our processing of your personal information, please contact us via the details outlined in “Contact Us” above.

For us to facilitate your request, please ensure that your request specifies the type of request in the subject line and contains the information we need to investigate the request. We may require additional information from you to verify your identity or understand your request before providing additional information or actioning your request.

We will grant your request to exercise the above-mentioned rights to the extent required or permitted (as the case may be) by applicable law and in accordance with the timeframes (if any) in that applicable law.

Additional Information specific to California residents

The California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act 2020 (CPRA) provide California residents with specific rights regarding their personal information in certain circumstances, referred to in this section as California Privacy Rights.

1. Disclosure Requests: related to our information collection and sharing of personal information or to your specific personal information collected in the previous 12 months;
2. Do Not Sell or Share Requests: request that we not sell or share personal information about you in accordance with the regulations; and
3. Deletion Requests: request that we delete (and direct our service providers to delete) your personal information subject to certain exceptions.

Information collected, sources, and business purpose for collecting information is disclosed above in the ‘Information we collect, how we use it, and the legal basis we rely on to do so’ section.

Exercising your California Privacy rights.

To make a Disclosure Request or a Deletion Request as a California resident, please contact us by calling us at (888) 659-4069 or emailing us at privacy@ati-global.com with the subject “California Resident – CCPA Request”.

To make a Do Not Sell or Share request, please submit, or have your authorized representative submit, a request to us here: Do Not Sell or Share My Personal Information or call us at (888) 659-4069.

Once you make a Do Not Sell or Share Request, we will wait at least twelve (12) months before asking you to reauthorize personal information sale or sharing.

We will not discriminate against you as a result of your exercise of any of these rights.

Nevada Residents

We may transfer personal information for monetary consideration. If you would like to exercise your opt-out right, please email us at privacy@ati-global.com with your name and the email address associated with your use of the Services with “Nevada do not sell” in the subject line.

Virginia Residents

To exercise your Virginia Consumer Data Protection Act (VCDPA) rights, please email us at privacy@ati-global.com with your name and the email address associated with your usage of the Services with “VCDPA Request” in the subject line.

Marketing communications. You can opt-out of receiving certain marketing communications from us at any time, by clicking the unsubscribe link in the email communications we send, or by contacting us using the details contained in the “Contact Us” section. We may continue to send you non-promotional communications, such as service-related emails, billing information, and certain product updates via email.

How to make a complaint

If you believe that we have not complied with our obligations under this Policy or applicable data protection law, please contact us via the details outlined in the “Contact Us” section above.

We would appreciate the opportunity to help you resolve any concerns you may have regarding our processing of your personal information, but if we are unable to assist you with your issue or you wish to make a complaint, you may have the right to make a complaint to an authority responsible for data protection in your jurisdiction.