Nonpublic Personal Information We Collect
We collect nonpublic personal information about you that is provided to us by you or obtained by us with your authorization or consent.
WE DO NOT DISCLOSE ANY PERSONAL INFORMATION ABOUT OUR SUBSCRIBERS OR FORMER SUBSCRIBERS TO ANYONE, EXCEPT AS PERMITTED BY LAW AND ANY APPLICABLE STATE ETHICS RULES.
We do not disclose any nonpublic personal information about, current or former subscribers obtained in the course of service of such subscribers, except as expressly or implicitly authorized by those subscribers to enable us to effectuate the purpose of our service or as required or permitted by law or applicable provisions of codes of professional responsibility or ethical rules governing our conduct as investment advisers.
Confidentiality & Security
We retain records relating to professional services that we provide so that we are better able to assist you with your personal investment needs and to comply with professional guidelines or requirements of law. In order to guard your nonpublic personal information, we maintain physical, electronic, and procedural safeguards that comply with our professional standards and the laws that govern us in the state(s) in which we conduct business.
You have the right to terminate your subscription of our Service at any time. If you do so, you will be responsible for charges incurred in connection with our service up to termination. We also may terminate your subscription to our Service for any reason consistent with the Rules of each state in which our Service transacts business and is registered to do so, including non-payment of fees and expenses, or improper dissemination of our Service to outside parties, as mentioned in our Terms of Service.
If you have questions about any aspect of our arrangements or our invoices from time to time, feel entirely free to raise those questions. It is important that we proceed on a mutually clear and satisfactory basis in our work for you. If you have any questions or comments about the Terms of Service as herein outlined during signup for Bitsy Advisor®, please email contact us here:
No refunds will be given for termination of subscription at any time, or under any circumstances.
See why 800+ Advisors love Bitsy
© BA Platform Holdings LLC 2021
How can we help?
Disclosure Delivery. Proof of Delivery.
You can deliver disclosures at any time during the client acquisition process. Disclosure documents can attach to any questionnaire you build, be sent with contracts or automatically upload to your client's dashboard, for example. This is completely your preference.
Proof of delivery happens within an admin's and an advisor's dashboard, with a timestamp of delivery for compliance adherance.
Platform Updates and Enrollment Audit Line Items.
You get world-class RIA attorneys continually keeping you up-to-date and in-line with your state and national compliance regualtions. You can even get discounted access to their time, should you need it.
Bitsy automatically tracks and timestamps client enrollment steps to ensure you have what you need during audit. You can easily download and send as littls as 1 client contract to your auditor, or mass download all client contracts and email via zip file to said auditor. It's quick and easy.
Client Information and Record Retention Requirements.
Our compliance staff keeps us (and you) up to date on such requirements, and removal can only happen upon request to our support staff so that advisors can not remove manually.
If you should discontinue your membership with Bitsy, we make it easy for you to transfer all of your client records and documents. However, you only get 30 days to do so before we email all such records and automatically close your account.
We are NOT going to hold all of your electronic records for 5 years.
Lawful, fair and transparent data processing in relation to individuals:
Bitsy’s onboarding module only collects data required by law to enroll new clients.
Specified, explicit and legitimate purpose for data collection:
Bitsy’s onboarding and other custom modules clearly identify required data from prospets and clients.
We also make it easy to completely purge data from Bitsy, simply reach out and we’ll do it fo you IF you meet guidelines for legal disposal AND you are an approved compliance officer/firm admin with express permission to complete such request.
Relevant data, limited to only what is necessary in relation to it’s purpose:
Bitsy’s onboarding module ONLY collects relevant information to execute a compliant client enrollment. We allow your prospects and clients to electronically sign enrollment documents, proving consent for data collected.
Personal Data Retention
Personal data should be kept for no longer than is necessary for proper subject identification:
You will be eligible to remove all collected data in regards to one or multiple client(s), when storing of such data becomes irrelevant. Bitsy also creates a trail of all changes made by or on behalf of prospects and clients, for your security.
Again, you MUST be an approved person listed in the "Data Collection" tab to be eligible for data removal requests.
Please also refer to the "Client Information and Record Retention Requirements" tab held within the "Compliance Checklist" section for an explanation of how we safeguard client information, and our safe removal protocols held therein.
Personal data should be accurate and up to date, where necessary:
Clients agree within Bitsy’s modules to provide you with clear and accurate data. It is their responsibility to abstain from delivering false information.
Personal data should be processed securely; furthermore, in a manner that is appropriate to the sensitivity of such data.
Bitsy provides a high level of data encryption to all members, ensuring that all customer information is perpetually stored in a secured database.
We utilize state-of-the-art hacker prevention protocol to prevent access to our network. We continually update our anti-virus and malware prevention systems to keep you, your prospects and your clients safe.
Every transaction between an advisor/advisory firm and Bitsy is secure. We only accept payments through the following methods:
Check or Wire
Rest easy knowing Bitsy operates from a 'security first' mindset.
Credible, third-party vendors ensure high data security. We outsource this function to the best providers who make it their business to keep you and your clientele safe.
Regular cyber risk assessments protect you at all times.
Learn more →
Our plan is built to prevent, detect and correct to ensure you and your clientele have the best experience possible.
Annual testing of this plan
Response within 1 hour
Continual training in protocol
24/7 file-integrity monitoring
Perpetual plan updates
If you’d like to see a copy of our insurance coverages that keep us, you and your clients safe, please submit a written request to:
DocuSign is ISO 27001:2013 certified. This is the highest level of global information security assurance available today, and provides customers assurance that DocuSign meets stringent international standards on security.
SOC I & II, Type II
As a SOC 1 and SOC 2-certified organization, DocuSign complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). We undergo yearly audits across all aspects of our production operations, including our datacenters, and have sustained and surpassed all requirements.
DocuSign adheres to the requirements of the Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) program. The CSA STAR comprises key principles of transparency, rigorous auditing, and harmonization of standards. Our Consensus Assessments Initiative Questionnaire (CAIQ) documents the rigor and strength of DocuSign’s security posture and best practices and is publicly accessible for viewing and download from the CSA STAR registry.
SOC III & ISO Certifications
All Firebase services (aside from App Distribution and Crashlytics) have successfully completed the ISO 27001 and SOC 1, SOC 2, and SOC 3 evaluation process, and some have also completed the ISO 27017 and ISO 27018 certification process.
Bitsy perpetually agrees to maintain a high level of successful operation of it's services. Regardless of what external forces may threaten the integrity of our system.
Should there be any level of disruption to our service(s), Bitsy proactively implements a solution before acquiring new customers.
Bitsy acknowledges that it's members rely on our system for compliant client acquisition. We agree to continually maintain and upgrade the integrity of our system to ensure our members get more (where possible) in value, than what they pay for.
Where possible, Bitsy agrees to proactively acknowledge possible and current threats and complications to it's system and to put aside all other activity to amend such faults, as quickly as possible. We also agree to keep all members regularly apprised of ongoing circumstances, how they might be affected and what we're doing to amend any complications. This communication will happen at least once every 24 hours.
Bitsy prides itself in being reliable; thus, we commit to regularly (at least 2 - 4 times annually) check the integrity of our system, tools and support capabilities to ensure our members experience little to no interruption in service.