privacy & cyber security measures

Updated 2024

As an investor rights advocate, your privacy is a leading priority for us.

Personal information is collected to open your account(s), to process your transactions, and to help provide a better level of service. Your personal information is never sold to anyone. We protect the security and confidentiality of the personal information collected.

Core Planning, LLC will not under any circumstances sell your personal or account information to anyone; such information can be separated into the following categories:

Personal Information- This information may include, among other things, your name, address, phone number, social security number, marital status, spousal information if married, your occupation and employer, your tax bracket, name, address, and social security number of your beneficiaries, personal financial information that you provide on new account applications or other forms, or any additional information that you wish to share with us as your Advisor. 

Information Regarding Your Account History - As part of establishing a business relationship with you, we collect and maintain information regarding your investment transactions and other activities. This includes items such as your account balance, payments, withdrawals, account activity, and correspondence with you.

Trust and Estate Information – As part of our trust or estate planning process, personal and financial documents such as trust agreements, wills, and tax records may be retained.

We do not disclose personal information to third parties for marketing purposes and would disclose such only via the following limited exceptions:

We may disclose personal information to companies or individuals that facilitate our business relationship with you (i.e. brokerage firms that implement the trades on your behalf) or as requested by you (i.e. your CPA, Family Attorney, Trusted Third Party, or other Advisors at your request).

We may disclose or report personal information in limited circumstances where it is believed in good faith the disclosure is required or permitted under law, for example, to cooperate with regulators or law enforcement authorities, resolve consumer disputes, perform credit/authentication checks, or for institutional risk control.

How does Core Planning protect the confidentiality of your personal information? 

The sharing of information with these entities is essential for to fully service clients and to satisfy legal and regulatory obligations. All of these entities have legal or other obligations with respect to the use and disclosure of your information. In addition, some of these entities may have to provide you their own privacy policies. If this policy on disclosing information ever changes, we will promptly notify you in writing. We also maintain physical, electronic, and procedural safeguards that comply with federal and industry standards to guard your nonpublic personal information.

We will continue to evaluate these efforts to protect personal information and make every effort to keep your personal information accurate and up to date. 

If you identify any inaccuracy in your personal information, or you need to make a change to that information, please contact us so that we may promptly update our records. If, at any time in the future, it is necessary to disclose any of your personal information in a way that is inconsistent with this policy, we will give you advance notice of the proposed change so that you will have the opportunity to opt-out of such disclosure.

Cybersecurity practices: 

Cybersecurity protocol should be taken very seriously. Below are the measures adopted to safeguard your personal data:

Online Form submission is accomplished through Cognito Forms HIPPA compliant server. That form data is transmitted across a protected 256 bit SSL (Secure Socket Layer) connection that uses a SHA256 Certificate. This is the same level of protection used by online banking or e-commerce providers.

Email: All email correspondence is done through a secure platform via Microsoft Office 365. Even though the platform is secure, email can be targeted once the transmission leaves the server. Because of this, email should only be used for general purposes. Account numbers, social security numbers, or other identifying data should not be transmitted via email unless through an encrypted document.

Custodian Access: In order to access your investment accounts via third party custodian, Dual Factor Authentication is always used. This means that in addition to the standard log in ID and Password, account access is only granted after SMS based authentication with a numerical code, reset after each log in.

Business Computers: In order to perform our day-to-day duties, desktops and laptops are both generally used. These are the only such devices used to access client data. All devices are backed up weekly onto physical external hard drives. All devices are encrypted, and Antivirus software is updated regularly and automatically.

Social Media and Website: Core Planning has a presence on the web at www.corepln.com, 

This site is designed to be static, contain no client data, and used strictly for generic informational purposes only. Social Media pages (e.g. LinkedIn or Facebook) may be used for generic informational purposes and are not intended for specific investment guidance.

We will provide notice of changes in these information-sharing practices. 

If, at any time in the future, it is necessary to disclose any of your personal information in a way that is inconsistent with this policy, we will give you advance notice of the proposed change so that you will have the opportunity to opt-out of such disclosure.

We will review this policy at least annually.