Money Positive views protecting its customers’ private information as a top priority and, pursuant to the requirements of the Gramm-Leach-Bliley Act (the “GLBA”), Money Positive has instituted the following policies and procedures to ensure that customer information is kept private and secure.
This policy serves as formal documentation of Money Positive’s ongoing commitment to the privacy of its customers. All employees will be expected to read, understand, and abide by this policy and to follow all related procedures to uphold the standards of privacy and security set forth by Money Positive. This Policy, and the related procedures contained herein, is designed to comply with applicable privacy laws, including the GLBA, and to protect nonpublic personal information of Money Positive’s customers.
In the event of new privacy-related laws or regulations affecting the information practices of Money Positive, this Privacy Policy will be revised as necessary and any changes will be disseminated and explained to all personnel.
Scope of Policy
This Privacy Policy covers the practices of Money Positive and applies to all nonpublic personally identifiable information of our current and former customers.
Overview of the Guidelines for Protecting Customer Information
In Regulation S-P, the Securities and Exchange Commission (the “SEC”) published guidelines, pursuant to section 501(b) of the GLBA, which address the steps a financial institution should take in order to protect customer information. The overall security standards that must be upheld are:
- Ensure the security and confidentiality of customer records and information;
- Protect against any anticipated threats or hazards to the security or integrity of customer records and information; and
- Protect against unauthorized access to or use of customer records or information that could result in substantial harm or inconvenience to any customer.
Employee Responsibility
- Each employee has a duty to protect the nonpublic personal information of customers collected by Money Positive.
- No employee is authorized to disclose or use the nonpublic information of customers on behalf of Money Positive.
- Each employee has a duty to ensure that nonpublic personal information of Money Positive’s customers is shared only with employees and others in a way that is consistent with Money Positive’s Privacy Notice and the procedures contained in this Policy.
- Each employee has a duty to ensure that access to nonpublic personal information of Money Positive’s customers is limited as provided in the Privacy Notice and this Policy.
- No employee is authorized to sell, on behalf of Money Positive or otherwise, nonpublic information of Money Positive’s customers.
- Employees with questions concerning the collection and sharing of, or access to, nonpublic personal information of Money Positive’s customers must look to Money Positive’s CCO for guidance.
Violations of these policies and procedures will be addressed in a manner consistent with other Company disciplinary guidelines
Types of Permitted Disclosures – The Exceptions
Regulation S-P contains several exceptions, which permit Money Positive to disclose customer information (the “Exceptions”). For example, Money Positive is permitted under certain circumstances to provide information to non-affiliated third parties to perform services on Money Positive’s behalf. In addition, there are several “ordinary course” exceptions, which allow Money Positive to disclose information that is necessary to effect, administer, or enforce a transaction that a customer has requested or authorized. A more detailed description of these Exceptions is set forth below.
- Service Providers. Money Positive may from time to time have relationships with nonaffiliated third parties that require it to share customer information in order for the third party to carry out services for Money Positive. These nonaffiliated third parties would typically represent situations where Money Positive or its employees offer products or services jointly with another financial institution, thereby requiring Money Positive to disclose customer information to that third party. Every nonaffiliated third party that falls under this exception is required to enter into an agreement that will include the confidentiality provisions required by Regulation S-P, which ensure that each such nonaffiliated third party uses and re-discloses customer nonpublic personal information only for the purpose(s) for which it was originally disclosed.
- Processing and Servicing Transactions. Money Positive may also share information when it is necessary to effect, administer, or enforce a transaction for our customers or pursuant to written customer requests. In this context, “Necessary to effect, administer, or enforce a transaction” means that the disclosure is required, or is a usual, appropriate, or acceptable method.
- To carry out the transaction or the product or service business of which the transaction is a part, and record, service, or maintain the consumer’s account in the ordinary course of providing the financial service or financial product.
- To administer or service benefits or claims relating to the transaction or the product or service of which it is a part.
- To provide a confirmation, statement, or other record of the transaction, or information on the status or value of the financial service or financial product to the consumer or the consumer’s agent or broker; or
- To accrue or recognize incentives or bonuses associated with the transaction that is provided by Money Positive or any other party.
Sharing as Permitted or Required by Law
Money Positive may disclose information to nonaffiliated third parties as required or allowed by law. This may include, for example, disclosures in connection with a subpoena or similar legal process, a fraud investigation, recording of deeds of trust and mortgages in public records, an audit, or examination, or the sale of an account to another financial institution.
Money Positive has taken the appropriate steps to ensure that it is sharing customer data only within the above noted Exceptions. Money Positive has achieved this by understanding how Money Positive shares data with its customers, their agents, service providers, parties related to transactions in the ordinary course or joint marketers.
Safeguarding of Client Records and Information
Money Positive has implemented internal controls and procedures designed to maintain accurate records concerning customers’ personal information. Money Positive’s customers have the right to contact Money Positive if they believe that Company records contain inaccurate, incomplete, or stale information about them. Money Positive will respond in a timely manner to requests to correct information. To protect this information, Money Positive maintains appropriate security measures for its computer and information systems, including the use of passwords and firewalls.
Additionally, Money Positive will use shredding machines, locks and other appropriate physical security measure to safeguard client information stored in paper format. For example, employees are expected to discard documents not required to be kept by placing them in the appropriate bin for shredding.
Money Positive protects confidential client information including but not limited to consumer report or any compilation of consumer report information derived from a consumer report by maintaining some information in locked areas and shredding such information when then information is no longer needed by Money Positive.
Security Standards
Money Positive maintains physical, electronic, and procedural safeguards to protect the integrity and confidentiality of customer information. Internally, Money Positive limits access to customers’ nonpublic personal information to those employees who need to know such information in order to provide products and services to customers. All employees are trained to understand and comply with these information principles.
Privacy Notice
Money Positive has developed a Privacy Notice, as required under Regulation S-P, to be delivered to customers initially and on an annual basis. The notice discloses Money Positive’s information collection and sharing practices and other required information and has been formatted and drafted to be clear and conspicuous. The notice will be revised as necessary any time information practices change. A copy of Money Positive’s Privacy Notice is available below and within Money Positive’s client agreement.
- Privacy Notice Delivery
- Initial Privacy Notice - As regulations require, all new customers receive an initial Privacy Notice at the time when the customer relationship is established, for example on execution of the agreement for services.
- Annual Privacy Notice - The GLBA regulations require that disclosure of the Privacy Policy be made on an annual basis. Money Positive will deliver its annual Privacy Notice in conjunction with the annual offer summary of material changes of its Form ADV Part 2.
- Revised Privacy Notice - Regulation S-P requires that Money Positive amend its Privacy Policy and distribute a revised disclosure to customers if there is a change in Money Positive’s collection, sharing, or security practices.
We recognize the importance of protecting our clients’ privacy. We have policies to maintain the confidentiality and security of your nonpublic personal information. The following is designed to help you understand what information we collect from you and how we use that information to serve your account.
Categories of Information We May Collect
In the normal course of business, we may collect certain personal information, including your full legal name, email address, permanent address, date of birth, social security number, and other financial related information.
If you choose to link a financial account using the Plaid service within the Money Positive application, Money Positive will collect information about the activity and terms associated with that financial account. You acknowledge and agree that the information you provide to Money Positive through Plaid will be treated by Plaid accordance with their privacy Policy (located at https://plaid.com/legal/#privacy-policy), and by Money Positive according to this privacy policy.
If you use Zoom to initiate a screen share with Money Positive, you acknowledge and agree that Zoom may collect certain information about your location, as well as the timing and your use of its services, in accordance with its privacy policy (located at https://zoom.us/privacy).
If you opt in to using our Google Calendar integration then we will store metadata about calendars (e.g. Calendar names and color preferences), we will create events on your primary calendar whenever a meeting with a planner is scheduled (and we will store data about those events we create, and may delete these events if the meeting is rescheduled), additionally we will request data about your availability in order to find schedule alignment (this data is used immediately and not stored). We will not store any data about events in your calendar that we did not create. Money Positive's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
How We Use Your Information That We Collect
Any and all nonpublic personal information that we receive with respect to our clients who are natural persons is not shared with nonaffiliated third parties which are not service providers to us without prior notice to, and consent of, such clients, unless otherwise required by law. In the normal course of business, we may disclose the kinds of nonpublic personal information listed above to nonaffiliated third party service providers involved in servicing and administering products and services on our behalf. Our service providers include, but are not limited to, our administrator, our auditors and our legal advisor. Additionally, we may disclose such nonpublic personal information as required by law (such as to respond to a subpoena) or to satisfy a request from a regulator and/or to prevent fraud. Without limiting the foregoing, we may disclose nonpublic personal information about you to governmental entities and others in connection with meeting our obligations to prevent money laundering including, without limitation, the disclosure that may be required by the Uniting and Strengthening America Act by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 and the regulations promulgated thereunder. In addition, if we choose to dispose of our clients’ nonpublic personal information that we are not legally bound to maintain, we will do so in a manner that reasonably protects such information from unauthorized access. The same privacy policy also applies to former clients who are natural persons.
Confidentiality and Security
We restrict access to nonpublic personal information about our clients to those employees and agents who need to know that information to provide products and services to our clients. We maintain physical, electronic and procedural safeguards to protect our clients’ nonpublic personal information. We respect and value that you have entrusted us with your private financial information, and we will work diligently to maintain that trust. We are committed to preserving that trust by respecting your privacy as provided herein.