Legal
Privacy Policy
Effective Date: June 26, 2026
DynasticAI is a private family vault and household operating system designed to help households organize sensitive records, assess readiness, and prepare structured next steps while preserving dignity, auditability, and role-based access.
This Privacy Policy explains how DynasticAI collects, uses, discloses, stores, and protects personal information when individuals visit DynasticAI websites, create an account, use the Vault or related applications, or interact with institution-sponsored DynasticAI access.
1. Position and boundaries
DynasticAI is an educational technology platform and household records platform. It is not a law firm, not a robo-advisor, not a filing service, and not a substitute for licensed legal, tax, financial, fiduciary, or investment advice.
AI features prepare analysis, organize records, extract structured information, and surface potential gaps. Where a matter requires licensed judgment, DynasticAI is designed to route the matter to qualified counsel or other licensed professionals rather than present the platform as a substitute for that judgment.
Wood Legal Group may be presented as an affiliated legal option for certain matters, but it remains a separate legal practice operating with professional and ethical boundaries.
2. Information DynasticAI collects
DynasticAI may collect the following categories of information:
- Account and identity information, such as name, email address, phone number, authentication credentials, passkey registrations, MFA settings, device and session records, and household role designations.
- Household and profile information, such as household display names, household member roles, onboarding answers, readiness information, and institution or source tags tied to enrollment.
- Vault and dossier information, such as document names, categories, dates, seal states, storage paths, metadata, audit events, permissions, and related structured records.
- Document-derived information, such as extracted parties, dates, beneficiaries, clause metadata, conflict indicators, signature counts, and other structured findings generated to support Counsel Briefs, readiness reviews, and cross-document analysis.
- Wealth and planning information, such as manually entered assets, liabilities, ownership mappings, liquidity indicators, probate exposure flags, and beneficiary alignment markers.
- Communications and support information, such as lead forms, private-access requests, newsletter signups, service messages, and support correspondence.
- Technical and security information, such as IP address, browser or device characteristics, crash or error logs, event logs, and product analytics configured to avoid unnecessary personal information.
DynasticAI does not require a user to provide every category of information in order to browse public pages, but some information is necessary to create an account, maintain security, deliver household features, or route institution-linked access.
3. How DynasticAI uses information
DynasticAI may use personal information to:
- authenticate users, enforce mandatory MFA, manage devices and sessions, and apply idle-session locks and Quick Lock controls;
- create and manage household accounts, role-based access, and permission overlays;
- store, classify, encrypt, organize, and display documents and dossier records;
- generate Counsel Briefs, readiness outputs, conflict scans, and other structured educational analyses;
- surface missing documents, timing risks, beneficiary mismatches, incomplete records, and related structural gaps;
- process billing, subscriptions, and institution-related access logistics;
- respond to support requests, service issues, and operational inquiries;
- improve system security, monitor abuse, preserve auditability, and investigate incidents;
- comply with legal obligations, lawful process, and internal governance requirements.
DynasticAI's design priority is to preserve auditability and closed-universe household separation rather than maximize data sharing or engagement.
4. Legal bases for processing
Where applicable law requires a legal basis for processing, DynasticAI may rely on one or more of the following: performance of a contract, legitimate interests in operating and securing the service, consent where required, and compliance with legal obligations.
Where sensitive records are involved, DynasticAI seeks to minimize unnecessary processing and to use the information for the limited platform purposes described in this Privacy Policy rather than for unrelated profiling or advertising.
5. AI processing and model restrictions
DynasticAI uses AI only through controlled server-side workflows. The product standard forbids calling third-party AI models from the browser and forbids storing AI prompts, model responses, or document content in any service whose data-retention agreement is not zero-retention.
DynasticAI's AI systems are governed by universal guardrails that prohibit invented authority, require auditability, prohibit autonomous transactions, and require licensed review where legal judgment is necessary.
AI-generated outputs are informational and educational. They may identify possible gaps, conflicts, or recommendations, but they do not replace legal review, tax advice, fiduciary judgment, or professional investment advice.
DynasticAI does not sell user document content to train public foundation models, and it does not authorize household document content to be used for generalized advertising purposes.
6. Security architecture
DynasticAI is built around a strong-protection posture for household records. The documented architecture includes mandatory MFA, passkey support, TOTP fallback, five-minute idle session locks, Quick Lock controls, per-document envelope-key encryption, AWS KMS-backed key wrapping, encrypted blob storage, watermarked viewing, and a full chain-of-custody log for every document interaction.
The platform is designed so that each household operates as a closed universe. Access is controlled through household membership, role-based permissions, and document- or dossier-level permission overlays, including time-bounded grants and reveal restrictions.
DynasticAI also states that tenant data tables must remain protected by Row Level Security and that all actions involving household data must be attributable and auditable.
No security measure is absolute. DynasticAI therefore combines encryption, access controls, audit logs, and operational monitoring, but cannot guarantee that unauthorized access, interception, or misuse will never occur.
7. Sharing and disclosures
DynasticAI does not sell personal information in the ordinary consumer-advertising sense.
DynasticAI may share information only as reasonably necessary with the following categories of recipients:
- service providers and subprocessors that help operate hosting, authentication, encrypted storage, payments, email delivery, analytics, monitoring, and workflow infrastructure, subject to contractual and operational restrictions;
- institution partners, only to the extent needed to provision sponsored access, report high-level program participation, or support contractual administration, and not as a blanket right to inspect household document content;
- licensed attorneys or other professionals, but only when the user requests or authorizes a professional handoff, or when a separate professional engagement is initiated;
- other household members, trustees, advisors, or delegates according to the permissions, shares, and roles established within the household environment;
- courts, regulators, law enforcement, or other parties where disclosure is required by law, lawful process, or the protection of rights, safety, property, or service integrity.
The admin operating standard expressly states that internal staff cannot read household document content absent an explicit, time-boxed permission grant issued by a household member.
8. Analytics, cookies, and tracking
DynasticAI may use essential cookies and similar technologies to maintain authentication, preserve session security, store site preferences, and measure product usage.
The documented analytics standard calls for product analytics configured with no unnecessary personally identifiable information, and the platform's broader voice and brand rules favor operational discipline over advertising-style profiling.
DynasticAI does not position itself as an ad-tech business and should not use household document content or sensitive dossier information for cross-context behavioral advertising.
9. Data retention
DynasticAI retains information for as long as reasonably necessary to provide the service, maintain household records, preserve audit trails, comply with legal obligations, resolve disputes, enforce agreements, and support continuity features such as legacy access or record export.
Because the platform is designed as a family archive and court-ready record system, some records, audit events, and custody logs may need to be retained longer than ordinary SaaS application logs, especially where the purpose of the platform is continuity, integrity, and defensible recordkeeping.
When retention is no longer necessary, DynasticAI should delete or de-identify information subject to technical, legal, and archival constraints.
10. User rights and choices
Depending on jurisdiction, users may have rights to request access, correction, deletion, export, restriction, objection, or withdrawal of consent for certain processing activities.
DynasticAI's product design already contemplates data export, settings controls, session management, device review, and legacy-access administration as part of the platform experience.
Some deletion or restriction requests may be limited where DynasticAI must preserve security logs, audit trails, billing records, fraud-prevention information, or legally required retention data.
11. Children and family use
DynasticAI is built for adult household organization and intergenerational planning, including records concerning minors, dependents, and heirs, but the service is not intended for unsupervised use by children.
A household administrator, parent, guardian, trustee, or other authorized adult must ensure that any information entered about another person, including a minor or dependent adult, is provided lawfully and with appropriate authority.
12. Cross-border issues
DynasticAI may store and process information in the United States and through service providers operating in the United States or other relevant jurisdictions tied to its infrastructure providers.
Users who access the service from outside the United States understand that their information may be transferred to and processed in jurisdictions with different data-protection rules than their home jurisdiction, subject to applicable contractual and legal safeguards.
13. Changes to this Privacy Policy
DynasticAI may update this Privacy Policy from time to time to reflect changes in the service, legal requirements, security practices, or operating structure.
If a change is material, DynasticAI should provide notice through the website, application, or other reasonable communication channel before the revised policy becomes effective, unless a shorter timeline is required for legal or security reasons.
14. Contact
Privacy requests, security concerns, and policy questions should be directed to DynasticAI through the contact information listed on the website or through the designated office contact used for platform operations and support.