Privacy Policy

Effective date: 23 February 2026

Last updated: 23 February 2026

WORTH AI WEALTH ("WORTH", "we", "us") respects your privacy. This Privacy Policy explains how we collect, use, share, and protect personal data when you visit our website, join our waitlist, or participate in our referral program.

Controller: WORTH AI WEALTH

Address: Suite 5, 1 Golders Green Road, London, United Kingdom, NW11 8DY

Contact: [privacy@worth.community]

---

1. What we collect

1.1 Data you provide

• Email address when you join the waitlist
• Any information you send us if you contact us

1.2 Data collected automatically

When you visit our website, we may collect:

• IP address
• Browser type and settings
• Device information
• Pages viewed and basic usage data (timestamps, referring page)

1.3 Referral program data

If you use a referral link or share one:

• A referral code or link identifier
• A record that a signup occurred via a referral link (timestamp + technical data to prevent abuse)

We do not require referrers to provide the personal data of people they refer. Referred users provide their own email address directly to us.

---

2. How we use your data

We use personal data to:

• operate the website and waitlist
• manage access invitations and onboarding (when launched)
• operate the referral program and allocate referral related benefits
• prevent fraud, abuse, and security incidents
• maintain and improve reliability and performance
• comply with legal obligations and protect our rights

---

3. Lawful bases (UK GDPR and EU GDPR)

We process personal data under one or more lawful bases:

• Steps to enter a contract / contract: to provide waitlist and referral functionality you request
• Legitimate interests: to operate, secure, and improve our website and prevent fraud/abuse (balanced against your rights)
• Consent: where required for non essential cookies and for optional communications (see Section 5)
• Legal obligation: where we must comply with law

---

4. Sharing your data

We do not sell your personal data.

We may share personal data with:

• Service providers that help us run our website and waitlist (processors)
• Professional advisers (legal, accounting) where necessary
• Authorities where required by law or to protect rights and security
• Successors in a merger, acquisition, or asset transfer (with appropriate safeguards)

---

5. Emails and communications

5.1 Current position

At the moment, we do not send emails, including confirmation emails.

5.2 Future communications

In the future, we may send:

• Service emails (for example: confirming signup, waitlist status, access invitations, security notices, or policy updates). These are not marketing.
• Optional product updates (for example: launch updates, feature availability, access windows). Where required by law, we will ask for your consent.

You will be able to opt out of optional product updates at any time via an unsubscribe link or by contacting us.

---

6. Cookies

We use cookies and similar technologies.

6.1 Strictly necessary cookies

We may use strictly necessary cookies to:

• ensure the signup flow works correctly
• prevent duplicate submissions and fraud
• support referral attribution (where applicable)

These cookies are used for functionality and security rather than marketing.

6.2 Managing cookies

You can control cookies via your browser settings. If we introduce non-essential cookies (for example, analytics), we will provide a cookie notice and, where required, consent controls.

---

7. Our service providers

We use vendors to operate the website and waitlist. Key providers may include:

• GoDaddy (domain services)
• Vercel (website hosting and delivery)
• Supabase (data storage and backend services)
• Google Workspace (email and internal operations)

These providers process personal data on our behalf under appropriate contractual terms.

---

8. International transfers

Some of our providers may process data outside the UK or EEA. Where personal data is transferred internationally, we use appropriate safeguards such as:

• UK IDTA or UK Addendum
• EU Standard Contractual Clauses
• adequacy decisions where applicable

---

9. Retention

We retain personal data for 24 months, unless:

• you request deletion earlier, or
• we must retain certain records longer for legal compliance, security, or fraud prevention

---

10. Security

We use appropriate technical and organisational measures designed to protect personal data, including access controls and encryption in transit where supported.

No system can be guaranteed 100% secure, but we work to reduce risk.

---

11. Your rights

Depending on your location, you may have rights including:

• access
• correction
• deletion
• restriction
• objection (including to legitimate interests processing)
• portability
• withdrawing consent (where consent is the basis)
• complaint to the UK ICO or your local EU supervisory authority

To exercise rights, contact [privacy@worth.community]. We may need to verify your identity.

---

12. Children

Our website and waitlist are not intended for people under 18, and we do not knowingly collect their personal data.

---

13. Changes

We may update this Privacy Policy. The effective date will reflect the latest version.

---

14. Contact

WORTH AI WEALTH

Suite 5, 1 Golders Green Road, London, United Kingdom, NW11 8DY

[privacy@worth.community]