At Phi-nancial Freedom, LLC, safeguarding your information and maintaining trust is our highest priority. We take a proactive approach to security, privacy, and compliance to ensure the integrity of your personal and investment data. Our internal policies, vendor selection, and technology infrastructure are designed to reduce risk and build investor confidence.

People

Cybersecurity Awareness & Training

All internal team members receive ongoing training on data privacy, social engineering, and secure information handling. We promote a security-first culture to reduce human error and insider threats.

Staff Access Controls

Only authorized personnel are granted access to sensitive investor data or internal systems. Role-based permissions are used to restrict access according to job function and necessity.

Process

Risk Management & Compliance

We conduct periodic risk assessments to identify potential vulnerabilities and make timely updates to our controls and infrastructure. We also follow industry best practices for anti-money laundering (AML) and Know Your Customer (KYC) procedures.

Information Security Policy

Phi-nancial Freedom maintains a written security policy governing the collection, access, use, and storage of all investor and partner data. This policy is reviewed and updated on a regular basis.

Data Protection and Privacy

We are committed to protecting investor privacy in accordance with applicable federal regulations, including the Gramm-Leach-Bliley Act (GLBA). Personal and financial data is never sold or shared without investor consent.

Business Continuity Plan

We maintain a business continuity and disaster recovery plan to ensure the continuity of operations and data security in the event of unexpected incidents, natural disasters, or system failures.

Technology

Secure Website & Hosting

Our website is hosted on a secure server using SSL (Secure Socket Layer) encryption to protect information entered via forms or logins. We monitor for vulnerabilities and patch updates routinely.

Web Application Firewall (WAF)

We employ a WAF to detect and prevent unauthorized access, bot traffic, and injection attacks. Our systems are monitored to ensure uptime and system resilience.

Encryption Standards

All sensitive data—including investment documents and investor details—is encrypted at rest and in transit using industry-standard 256-bit AES encryption.

Access Controls

All systems and portals are protected with two-factor authentication (2FA), role-based user permissions, and IP tracking to limit access only to authorized individuals.

Email and Communication Security

We implement SPF, DKIM, and DMARC protocols to protect against spoofing and phishing attempts. Internal email systems are also configured for secure correspondence with investors and partners.

Vendor Due Diligence

We only work with third-party vendors and platforms that demonstrate strong security and data governance protocols. Our partners are evaluated regularly for compliance with our security standards.

Additional Safeguards

• Dark Web Monitoring: We monitor for exposure of email addresses and credentials associated with internal and investor accounts.
  
• DNS and Domain Monitoring: Our domain records are secured against hijacking or manipulation using DNSSEC and registrar locking.
  
• Continuous Improvement: Security is not a one-time event. We review and enhance our systems regularly to adapt to evolving threats and compliance requirements.

Questions or Concerns?

If you have any questions about how your information is secured or want to report a concern, please contact:

Phi-nancial Freedom, LLC
Theresia Kurnadi, Fund Manager
Tacoma, WA
info@phi-nancialfreedom.com
+1 (425) 405 4881