Bitsy is prepared, protected & compliant
Disclosure Delivery & Proof
- Happens on every new signup automatically. You can’t mess this up!
- Bitsy presents your clients with your disclosures before a client is fully enrolled. You can find a timestamp of when an agreement was executed, as well as when disclosures were delivered within the client section of your dashboard. Your clients receive disclosures as attachments via email and can access your documents within their client portal.
Updates & Reporting
- We retain world-class RIA attorneys to keep you continually up-to-date and in-line with your state and national compliance regualtions. You even gain access to their time, should you need it!
- Bitsy automatically tracks and timestamps client enrollment steps to ensure you have what you need during audit.
Client Information and Record Retention Requirements?
- Our compliance staff keeps us up to date on such requirements, and removal can only happen upon request to our support staff so that advisors can not remove manually. If advisors request removal, we ask them if they are complying with required record retention periods before proceeding with removal. If they are not in compliance we reserve the right to deny their request unless there is a legally accepted circumstance that would allow such removal.
Bulletproof enrollment compliance comes standard.
Perpetual compliance updates from world-class RIA attorneys.
Cross off a few line items on your list, you’re covered at all times.
Lawful, fair and transparent data processing in relation to individuals:
- Bitsy’s onboarding module only collects data required by law to enroll new clients.
Specified, explicit and legitimate purpose for data collection:
- Bitsy’s onboarding and other custom modules clearly identify required data from prospets and clients. We also make it easy to completely purge data from Bitsy, simply reach out and we’ll do it fo you if you meet guidelines for legal disposal.
Relevant data, limited to only what is necessary in relation to it’s purpose:
- Bitsy’s onboarding module ONLY collects relevant information to compliant client enrollment. We allow your prospects and clients to electronically sign enrollment documents, proving consent for data collected.
Personal data should be kept for no longer than is necessary for proper subject identification:
- You will be eligible to remove all collected data in regards to one or multiple client(s), when storing of such data becomes irrelevant. Bitsy also creates a trail of all changes made by or on behalf of prospects and clients, for your security.
Personal data should be accurate and up to date, where necessary:
- Clients agree within Bitsy’s modules to provide you with clear and accurate data. It is their responsibility to abstain from delivering false information.
Personal data should be processed securely; furthermore, in a manner that is appropriate to the sensitivity of such data.
- Bitsy provides a high level of data encryption to all members, ensuring that all customer information is perpetually stored in a secured database. We utilize state-of-the-art hacker prevention protocol to prevent access to our network. We continually update our anti-virus and malware prevention systems to keep you, your prospects and your clients safe.
terms of service
You agree to and accept these terms by acknowledging and consenting to the terms included in this disclaimer. You may not use the Service or accept the Terms if (a) you are not an active subscriber (b) you are not of legal age to form a binding contract with Bitsy Advisor®, or (c) you are a person barred from using the Service under any applicable laws or regulations. If you are an active user, you are prohibited from sharing the product(s) you receive with any other person beside yourself. Failure to fully comply with all terms herein will result in legal action, to the fullest extent of the law.
Bitsy Advisor® is a licensed entity belonging to BA Platform Holdings, LLC which is in legal compliance with the state(s) in which it effects business as a software provider to Registered Investment Advisory firm(s). You acknowledge that BA Platform Holdings, LLC its employees and its agents are NOT financial advisors and/or financial planners that handle the dissemination of investment advice, and can not, through the Service, advise you. You also acknowledge that Bitsy Advisor®, its employees and its agents may have NO FIDUCIARY RELATIONSHIP with you, as we are not in the business of effecting investment advice.
To the maximum extent permitted by law, Bitsy Advisor® disclaims any and all liability in the event that any content or data contained in the Service is inaccurate, unreliable, incomplete, and/or results in any monetary loss of any kind. Nothing in the Service should be construed as an offer to buy, an offer to sell, or a recommendation for or against any security by Bitsy Advisor® or any third party.
The Service is protected by copyright, trade secret and trademark laws. Portions of the Service contain information and data from third party providers, subject to their own copyright and trademark provisions.
Neither Bitsy Advisor® nor its content providers are responsible for any damages or losses arising from any improper use of this service. Certain parts of the information provided in the Service is proprietary to Bitsy Advisor® and/or its content providers; may not be copied or distributed, and is not warranted to be accurate, complete or timely.
Bitsy Advisor® does not give you permission to transmit client information contained within the Service to other individuals on social media (all forms), in your sphere of influence, or any other form of communication that is not authorized to receive such Service. You agree not to modify, copy, create a derivative work of or otherwise attempt to recreate the Service or any part thereof, unless this is expressly permitted or required by law, or unless you have been specifically told that you may do so by Bitsy Advisor®, in writing.
Use of This Service
You acknowledge that each subscription to the Service is designed, intended and licensed for use by a single named user only. You agree not to share access to and/or advice from the Service with any other individuals or entities, except where expressly permitted by Bitsy Advisor®. You agree that you are solely responsible for the activities that occur under your subscription to the Service.
You agree to provide accurate and correct information about your identity, your address, and your payment information. You agree to use the Service only for purposes that are permitted by (a) the Terms, and (b) any applicable laws or regulations.
You agree not to access any of the Service by any means other than that provided by Bitsy Advisor®, except where expressly permitted by a separate agreement with Bitsy Advisor®. You agree not to engage in any activity that interferes with or disrupts the Service, or the servers and networks connected to the Service. You specifically agree not to use automated means (including the use of scripts or web crawlers) to access the Service.
Unless specifically permitted in a separate agreement with Bitsy Advisor®, you agree that you will not reproduce, duplicate, copy, sell, trade or resell the Service for any purpose.
Due to third party agreements with certain providers of data to the Service, the results and outputs from the Service, including but not limited to its reports, code and any other private material, may not be used in informational dissemination to the public, mass communications or advertisements, in any form or fashion.
You are welcome to request cancellation of the Service at any time, knowing that you will not receive a refund in any form for such services. If you want to cancel your subscription, you may do so by written notification to Bitsy Advisor® via electronic mail to the address mentioned above. Cancellation is deemed effective when you receive an acknowledgement from a Bitsy Advisor® employee that your message has been received.
If another individual is paying for your account, and that individual ceases payment of your subscription, for whatever reason, it is your responsibility to notify Bitsy Advisor® using the process described herein, that they are no longer to be financially responsible for your account. If you choose to make such a notification, you also agree to provide updated contact and payment information, so Bitsy Advisor® can attempt to transfer financial responsibility for the account to you or a different individual claiming the aforementioned responsibilities.
Exclusion of Warranties
NOTHING IN THESE TERMS, INCLUDING THE “EXCLUSION OF WARRANTIES” AND “LIMITATION OF LIABILITY” SECTIONS, SHALL EXCLUDE OR LIMIT BITSY ADVISOR’S WARRANTY OR LIABILITY FOR LOSSES WHICH MAY NOT BE LAWFULLY EXCLUDED OR LIMITED BY APPLICABLE LAW. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES OR CONDITIONS OR THE LIMITATION OR EXCLUSION OF LIABILITY FOR LOSS OR DAMAGE CAUSED BY NEGLIGENCE, BREACH OF CONTRACT OR BREACH OF IMPLIED TERMS, OR INCIDENTAL OR CONSEQUENTIAL DAMAGES. ACCORDINGLY, ONLY THE LIMITATIONS WHICH ARE LAWFUL IN YOUR JURISDICTION WILL APPLY TO YOU AND OUR LIABILITY WILL BE LIMITED TO THE MAXIMUM EXTENT PERMITTED BY LAW.
ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THE SERVICE IS DONE AT YOUR OWN DISCRETION AND RISK AND THAT YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR OTHER DEVICE OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOAD OF ANY SUCH MATERIAL.
YOU EXPRESSLY UNDERSTAND AND AGREE THAT YOUR USE OF THE SERVICE AT YOUR SOLE RISK AND THAT THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.” IN PARTICULAR, BITSY ADVISOR®, ITS SUBSIDIARIES AND AFFILIATES DO NOT REPRESENT OR WARRANT TO YOU THAT: (a) YOUR USE OF THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE OR FREE FROM ERROR, (b) YOUR USE OF THE SERVICE WILL MEET YOUR REQUIREMENTS, or (c) ANY INFORMATION OBTAINED BY YOU AS A RESULT OF YOUR USE OF THE SERVICE WILL BE ACCURATE OR RELIABLE.
NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM BITSY ADVISOR® OR THROUGH OR FROM THE SERVICE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THE TERMS. BITSY ADVISOR® FURTHER EXPRESSLY DISCLAIMS ALL WARRANTIES AND CONDITIONS OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
Limitation of Liability
SUBJECT TO THE OVERALL PROVISIONS IN THESE TERMS, YOU EXPRESSLY UNDERSTAND AND AGREE THAT BITSY ADVISOR®, ITS SUBSIDIARIES AND AFFILIATES SHALL NOT BE LIABLE TO YOU FOR:
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL CONSEQUENTIAL OR EXEMPLARY DAMAGES WHICH MAY BE INCURRED BY YOU, HOWEVER CAUSED AND UNDER ANY THEORY OF LIABILITY. THIS SHALL INCLUDE, BUT NOT BE LIMITED TO, ANY LOSS OF PROFIT (WHETHER INCURRED DIRECTLY OR INDIRECTLY), OR OTHER INTANGIBLE LOSS;
ANY LOSS OR DAMAGE WHICH MAY BE INCURRED BY YOU, INCLUDING BUT NOT LIMITED TO LOSS OR DAMAGE AS A RESULT OF YOUR OR BA PLATFORM HOLDING’S ACTIONS;
ANY RELIANCE PLACED BY YOU ON THE COMPLETENESS, ACCURACY OR EXISTENCE OF ANY ADVICE;
ANY CHANGES WHICH BITSY ADVISOR® MAY MAKE TO THE SERVICE, OR FOR ANY PERMANENT OR TEMPORARY CESSATION IN THE PROVISION OF THE SERVICE (OR ANY ASPECTS WITHIN THE SERVICE);
THE FAILURE TO STORE, DELETION OF, OR CORRUPTION OF ANY CONTENT AND OTHER COMMUNICATIONS DATA MAINTAINED OR TRANSMITTED BY OR THROUGH YOUR USE OF THE SERVICE;
YOUR FAILURE TO PROVIDE BITSY ADVISOR® WITH ACCURATE ACCOUNT INFORMATION; ALL OF THE LIMITATIONS ON BA PLATFORM HOLDING’S AND IT’S PRODUCT, BITSY ADVISOR®, LIABILITY TO YOU SHALL APPLY WHETHER OR NOT BITSY ADVISOR® HAS BEEN ADVISED OF OR SHOULD HAVE BEEN AWARE OF THE POSSIBILITY OF ANY SUCH LOSSES ARISING.
Changes to the Terms
Bitsy Advisor®, through the Service, may make changes to the Terms at any time. When these changes are made, Bitsy Advisor®, through the Service, will make a new copy of the terms available on its website. You understand and agree that if you use the Service after the date on which the Terms have changed, Bitsy Advisor®, through the Service, will treat your use as acceptance of the updated Terms.
General Legal Terms
The Terms constitute the whole legal agreement between you and BA Platform Holdings, LLC and govern your use of the Service (with the exception of any explicitly written and executed side agreements between you and BA Platform Holdings, LLC), and completely replace any prior agreements between you and BA Platform Holdings, LLC in relation to the Service.
You agree that if Bitsy Advisor® does not exercise or enforce any legal right or remedy which is contained in the Terms (or which Bitsy Advisor® has the benefit of under any applicable law), this will not be taken to be a formal waiver of BA Platform Holdings, LLC’s rights and that those rights or remedies will still be available to BA Platform Holdings, LLC.
If any court of law, having the jurisdiction to decide on this matter, rules that any provision of these Terms is invalid, then that provision will be removed from the Terms without affecting the rest of the Terms. The remaining provisions of the Terms will continue to be valid and enforceable.
The Parties hereto waive trial by jury in any court in any suit, action or proceeding on any matter arising in connection with or in any way related to the transactions of which this agreement is a part of the enforcement hereof, except where such waiver is prohibited by law or deemed by a court of law to be against public policy. The parties hereto acknowledge that each makes this waiver knowingly, willingly and voluntarily and without duress, and only after extensive consideration of the ramifications of this waiver with their attorneys.
The parties hereto waive any right to assert any claims against the other party as a representative or member in any class or representative action, except where such waiver is prohibited by law against public policy. To the extent either party is permitted by law or court of law to proceed with a class or representative action against the other, the parties hereby agree that: (1) the prevailing party shall not be entitled to recover attorneys’ fees or costs associated with pursuing the class or representative action (not withstanding any other provision in this agreement); and (2) the party who initiates or participates as a member of the class will not submit a claim or otherwise participate in any recovery secured through the class or representative action.
The Terms, and your relationship with BA Platform Holdings, LLC under the Terms, shall be governed by the laws of the State of TN and any other state BA Platform Holdings, LLC has an active registration with, without regard to its conflict of laws provisions. You and BA Platform Holdings, LLC agree to submit to the exclusive jurisdiction of the courts located within the County of the specific state from which the Service was directed to and/or directed from, United States of America to resolve any legal matter arising from the Terms. Notwithstanding this, you agree that BA Platform Holdings, LLC shall still be allowed to apply for injunctive remedies (or an equivalent type of urgent legal relief) in any jurisdiction.
BA Platform Holdings, LLC, 800 S. Gay St., STE 1100, ATTN: Bitsy Advisor, Knoxville, TN 37929
Data Security Policy
We ensure the highest level of data encryption. Our servers encrypt data via 256-bit SSL encryption. We use the same security provider as Venmo, Citrix, Trivago & Lyft to name a few.
Only approved personnel within your organization can access sensitive client information. Our developers and support staff will only ever have access to such information if, we need to fix bugs and we have express permission to do so.
Learn more →
Rest easy knowing Bitsy operates from a ‘security first’ mindset.
Credible, third-party vendors ensure high data security.
Regular cyber risk assessments protect you at all times.
Our plan is built to prevent, detect and correct to ensure you and your clientele have the best experience possible.
Your clients and you come first. If something happens that could cause you and/or them harm, there’s a clear plan in place to assess, protect and prevent.
Annual testing of this plan
24/7 employee availability to execute such plan
Continual training in incident response
24/7 file-integrity monitoring systems
Regular updates to this plan
Every transaction between an advisor/advisory firm and Bitsy is secure. We only accept payments through the following providers.
If you’d like to see a copy of our insurance coverages that keep you and your clients safe, please submit a written request to:
california consumer privacy act
“Victory Loves Preparation”. Bitsy is prepared and compliant.
Under California Civil Code Section 1798.83 (the Shine the Light” law), California residents who provide personal information in obtaining products or services from Bitsy are entitled to request and obtain from us once per calendar year information about the customer information about them that we have shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2020 will receive information regarding 2019 sharing activities). If you are a California resident and would like a copy of this information, please submit a written request to:
Email: [email protected] with the subject line of “CCPA Request”
Address: 800 S. Gay St., STE 1100 ATTN: Bitsy Advisor, Knoxville, TN 37929
Bitsy is a cloud SaaS platform that is leveraged by multiple companies. Bitsy can only exercise your data rights for the data under its direct control. If you want to exercise your CCPA rights, but your data is controlled by another company that is served by Bitsy, you will need to contact them directly, as Bitsy does not control this data. Bitsy does NOT sell your data to third parties.
information we collect
Learn more →
A real name, alias, postal address, firm name, online identifier, unique personal identifier, internet protocol address, email address, or other similar identifiers.
A name, signature, physical characteristics or description, address, telephone number, education, employment, employment history. Some personal information included in this category may overlap with other categories.
Social Security number, driver’s license number, passport number.
Under California or Federal Law:
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name or other similar identifiers.
Social Security number, driver’s license number, passport number.
Physical location or movements.
Audio, electronic, visual, thermal, olfactory, or similar information.
Current or past job history or performance evaluations.
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA’s scope, such as:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from our clients or their agents. For example, from the email content from sales people.
- Indirectly from our clients or their agents. For example, through information we collect from our clients in the course of providing services to them.
- Directly and indirectly from activity on our website (bitsyadvisor.com). For example, from submissions through our website portal or website usage details collected automatically.
- From third-parties that interact with us in connection with the services we perform. For example, from customers that inform of new workflows when launching new products and services.
use of personal information
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason for which the information is provided. For example, if you provide us with personal information in order to organize your advisor dashboard, we will use that information to organize your interactions, performance data and client acquisition history.
- To provide you with information, products or services that you request from us.
- To provide you with email alerts, events, news, etc., that may be of interest to you.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
- To improve our website and present its contents to you.
- For testing, research, analysis and product development.
- As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
sharing personal information
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
We have NOT sold any personal information in the preceding (12) months
your california rights and choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to:
Emailing us at [email protected] with the subject line of “CCPA Request”
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- To provide you with information, products or services that you request from us.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different level or quality of goods or services.
changes to our privacy notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you by email or through a notice on our website homepage.
Email: [email protected] with the subject line of “CCPA Request”
Address: 800 S. Gay St., STE 1100 ATTN: Bitsy Advisor, Knoxville, TN 37929
Last modified: August 21, 2020
soc i & soc ii
To demonstrate our commitment to protecting customer data, Bitsy relies on it’s third party providers (DocuSign, Google Firebase), who have significantly invested in maintaining certifications in the following regulatory and industry standards, to provide the highest level of consumer protection and security practices available.
DocuSign is ISO 27001:2013 certified. This is the highest level of global information security assurance available today, and provides customers assurance that DocuSign meets stringent international standards on security.
soc 1 & 2, type 2
As a SOC 1 and SOC 2-certified organization, DocuSign complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). We undergo yearly audits across all aspects of our production operations, including our datacenters, and have sustained and surpassed all requirements.
csa star program
DocuSign adheres to the requirements of the Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) program. The CSA STAR comprises key principles of transparency, rigorous auditing, and harmonization of standards. Our Consensus Assessments Initiative Questionnaire (CAIQ) documents the rigor and strength of DocuSign’s security posture and best practices and is publicly accessible for viewing and download from the CSA STAR registry.
soc iii & iso
ISO and SOC compliance
All Firebase services (aside from App Distribution and Crashlytics) have successfully completed the ISO 27001 and SOC 1, SOC 2, and SOC 3 evaluation process, and some have also completed the ISO 27017 and ISO 27018 certification process.
Bitsy perpetually agrees to maintain a high level of successful operation of it’s services. Regardless of what external forces may threaten the integrity of our system.
Should there be any level of disruption to our service(s), Bitsy proactively implements a solution before acquiring new customers.
Bitsy acknowledges that it’s members rely on our system for compliant client acquisition. We agree to continually maintain and upgrade the integrity of our system to ensure our members get more (where possible) in value, than what they pay for.
Where possible, Bitsy agrees to proactively acknowledge possible and current threats and complications to it’s system and to put aside all other activity to amend such faults, as quickly as possible. We also agree to keep all members regularly apprised of ongoing circumstances, how they might be affected and what we’re doing to amend any complications. This communication will happen at least once every 24 hours.
Bitsy prides itself in being reliable; thus, we commit to regularly (at least 2 – 4 times annually) check the integrity of our system, tools and support capabilities to ensure our members experience little to no interruption in service.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
- California Customer Records personal information categories.
We disclose your personal information for a business purpose to the following categories of third parties:
- Our affiliates.
- Service providers.
- Third parties to whom you or your agents authorize us to disclose your personal information in connection with the products or services we provide to you.
Information we collect (expanded)….
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months: