Last updated May 2026
Point Wizard is built to be trusted with the most valuable thing you've got: your loyalty wealth. Here's how we protect it.
When you connect accounts, we request read-only access through our banking partner (Plaid). Point Wizard can see balances and program data — it can never move money, make purchases, or change your account settings on connected institutions.
Data is encrypted in transit with modern TLS, and sensitive data is encrypted at rest. Access tokens are protected and never exposed to your browser.
Accounts are protected by secure, cookie-based sessions. Row-level security in our database ensures each user — and each agency — can only ever see their own data.
Your bank and loyalty-program passwords are entered with the provider, not with us. We never see or store them.
If you believe you've found a security issue, we want to hear from you. Please email security@thepointwizard.com with details, and we'll respond quickly. We appreciate good-faith research and will not pursue action against researchers who act responsibly.
Security questions? Email security@thepointwizard.com.
This page is a plain-language template for an early-stage product and is provided for transparency, not as legal advice. Questions? Email contact@thepointwizard.com.