Your data. Your control.
No compromises.
Aero is built to help you understand your portfolio — not take control of it. We designed every part of the product with one goal: give you powerful, AI-driven insights without putting your data or money at risk. This page explains exactly how we do that.
We never touch your money
Aero is not a broker, custodian, or trading platform. We have no ability to execute trades, move funds, or take any action on your brokerage account. Our access is strictly read-only — we observe, we analyze, we surface insights. That's where our involvement ends.
- We do not execute trades or place orders
- We do not hold, transfer, or custody funds
- We do not have write access to any brokerage account
- We only analyze what you already own
In the future, Aero may offer optional order execution features facilitated by third-party registered broker-dealers. If and when those features are introduced, they will be governed by separate agreements and disclosures. Aero itself will never hold your funds or act as a broker-dealer. Any execution capability will remain entirely within the regulatory framework of the applicable third-party broker.
Secure connections powered by Plaid
When you connect your portfolio, we use Plaid — the leading financial data infrastructure provider trusted by thousands of financial applications and over 100 million users. Plaid acts as a secure intermediary between your brokerage and Aero.
- Your brokerage username and password are entered directly into Plaid's interface
- Aero never sees, stores, or handles your login credentials
- The access token Plaid provides us is scoped to portfolio data only
- You can revoke this access at any time from your account settings
What we access — and what we don't
We request only the minimum data we need. Below is an explicit accounting of what Plaid provides us access to, and what falls entirely outside our scope.
AI that works for you — not on you
Aero uses AI to analyze your portfolio and surface insights. We work with leading AI providers, including OpenAI and Anthropic, to generate these outputs. Our approach to AI and data is governed by the following principles:
- No model training. Your portfolio data and inputs are never used to train AI models — ours or any provider's.
- No data sales. We do not sell or share your personal data for any commercial purpose.
- Ephemeral processing. Data sent to AI providers for processing is governed by strict data handling agreements and is not retained beyond the processing window.
- You stay in control. AI outputs are research insights, not instructions. Every decision stays with you.
All AI-generated content is for informational purposes only and does not constitute financial advice. See our Terms of Service for the full AI disclaimer.
Security infrastructure
We build and operate Aero with modern, industry-standard security practices at every layer of the stack.
All data transmitted between your browser and Aero is encrypted in transit using TLS. Data at rest is encrypted using AES-256 on AWS infrastructure.
Access to Aero's internal systems is governed by role-based access control. We use token-based authentication for all API access, with no shared credentials or standing access privileges.
Aero is hosted on AWS in the United States. We rely on AWS's enterprise-grade physical security, network controls, and compliance certifications. All data remains within the US.
What we don't do
We believe it's important to be explicit about the things we've chosen not to do — not just what we do.
- We don't sell your data. No personal or portfolio data is sold to any third party, ever.
- We don't run ads. There are no advertisers on Aero. We do not target you with ads or share data for advertising purposes.
- We don't train on your data. Your portfolio inputs are never used to improve or fine-tune any AI model.
- We don't execute trades. Currently, we have no connection to order routing, execution, or brokerage infrastructure. If execution features are introduced in the future, they will be facilitated by a third-party registered broker-dealer under their own regulatory framework — Aero will never hold your funds or act as a broker.
- We don't store your credentials. Your brokerage login never passes through our systems.
- We don't access bank accounts. Plaid's integration is scoped to investment holdings only.
You're always in control
We designed Aero so that every connection and every piece of data you share is fully reversible at any time.
- Disconnect your portfolio. You can remove Plaid access from your account settings in one click. We stop receiving data immediately upon disconnection.
- Delete your account. You can request full account and data deletion at any time. Your data is removed promptly — we do not retain it in backups beyond our standard retention window.
- Request your data. California residents may request access to, correction of, or deletion of their personal information at any time under CCPA.
For any of the above, contact us at [email protected]. Our privacy team personally reviews every request.
Contact us
Our privacy team reads every message. If you have questions about how we handle your data, concerns about your account security, or requests under applicable privacy law, reach out directly.
- Email: [email protected]
- Phone: +1 415 720 8304
- Mail: Aero GTM AI Limited, 2323 Broadway, Oakland, CA 94612
For a full account of how we collect and use your data, see our Privacy Policy. For the rules governing your use of the platform, see our Terms of Service.
Security FAQ
We use industry-standard security practices to protect your data at every layer:
- Encryption in transit: TLS 1.2+
- Encryption at rest: AES-256
- Secure infrastructure providers with strict access controls
- Continuous monitoring for unauthorized access
Your data is encrypted both when it's stored and when it's transmitted.
No. We do not use your data to train public AI models.
When we use AI providers such as OpenAI or Anthropic:
- Your data is processed only to generate responses
- It is not used for training by default
- We use providers that offer enterprise-grade data protections
Your data is stored on secure, industry-leading cloud infrastructure located in the United States.
We follow best practices for:
- Data isolation
- Access control
- Secure storage and backups
Access to your data is strictly limited:
- Only authorized Aero personnel can access systems when necessary
- Access is logged, monitored, and restricted by role
- Internal access follows the principle of least privilege
No. We do not sell your data.
We only share data with trusted third-party providers when necessary to operate the product — for example, infrastructure or AI processing — and only under strict confidentiality and security agreements.
We work with a small number of trusted providers to power Aero, including:
- Cloud infrastructure providers (hosting, storage)
- AI providers (e.g., OpenAI, Anthropic)
- Analytics and monitoring tools
All providers are selected based on their security, reliability, and compliance standards.
We provide multiple layers of account protection:
- Secure authentication flows
- Support for two-factor authentication (2FA)
- Session management and monitoring
We strongly recommend enabling 2FA for additional protection.
We take security incidents seriously and act quickly:
- Immediate investigation and containment
- Notification to affected users when required
- Continuous improvements to prevent recurrence
Not yet. We are actively working toward SOC 2 compliance and have designed our systems following industry-standard security practices from the ground up.
If you discover a vulnerability or security concern, please contact us immediately at:
We appreciate responsible disclosure and will investigate all reports promptly.