preloader

Security PolicySecurity

MyOwnFP’s Security Policy

Basis

To deliver complete and accurate financial plans MyOwnFP requires a significant amount of financial information from you and just a bit of personal information. Nothing is more important to the MyOwnFP than trust and protecting this data. Here is what we are doing to ensure your data is safe and secure.

MyOwnFP

The Website and Service is protected by the latest technology and industry best practices. This includes (but is not limited to): All communication from your browser to the website and Service are encrypted using HTTPS, meaning nothing in the middle from your computer to our services in AWS(Canada) can see anything that is transmitted in either direction. All cookies, including those to keep you logged in, are signed and encrypted, and we periodically refresh the cookies to ensure your credentials are still correct to limit any possible cookie exploitation. Automatic encryption-at-rest of all data written to disk ensures protection of your data. Security assessments are performed regularly. Logs are maintained and monitored for any suspicious activity. If a data breach is ever detected, we will inform affected users and report on our investigation in a timely manner.

MyOwnFP Service Providers

MyOwnFP uses Google as our Identity Provider for our login service which helps us minimizes security risks. AWS(Canada) is used for almost all other service to provide secure, enterprise-grade cloud solutions. Our providers regularly perform audits and maintain ISO and SOC compliance. We adhere to AWS’s best practices. MyOwnFP uses Stripe for payment processing and subscription services. Your credit card information for subscription services is done in a Stripe provided window. MyOwnFP (code and servers) never see your credit card information. Stripe is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. As stated in our Privacy Policy we do not share your data with any third party.

You as the subscriber

We have not implemented our own identity services. Instead we rely on Google to provide that. This means you still need to ensure your Google Accounts have strong passwords and you have Multi-Factor Authentication enabled. Try to keep your data as anonymous as possible. We don’t need account numbers, so don’t put them in. The account names can be vague. You don’t have to enter any real identifying information, other than a birthday that is at least close to accurate but doesn’t have to be exact. We don’t need addresses or phone numbers, other than to print reports with them, so leave them blank if you’re not comfortable with those. Use reputable browsers that are concerned about security. Beware of browser extensions. These may be able to access any personal data that passes through your browser. Check the extension is from reputable source, check it’s privacy policy and check the extension’s permissions. You do have the ability to share some of your data (a particular client) to another MyOwnFP subscriber, such as an advisor. That is at your discretion. You also have the publicly share a client, in which case we ensure no client personal information is shared. However it may still be possible for others to know who that client is based on a comment or some other data, so please be careful what you decide to share.

Despite all our efforts to keep your data safe, as stated in our Terms and Conditions, we cannot and do not guarantee your data security. You can delete your account and all your data from the Service in your Profile.