As a registered investment adviser, Light Financial Services Inc must comply with SEC Regulation S-P (or other applicable regulations), which requires registered advisors to adopt policies and procedures to protect the "nonpublic person information" of natural person consumers and customer and to disclose to such persons policies and procedures for protecting that information. Nonpublic personal information includes nonpublic "peronally identifiable financial information" plus any list, description or grouping of customers that is derived from nonpublic personally identifiable financial information. Such information may include personal financial and account information, information relating to services performed or transactions entered into on behalf of clients, advice provided by Light Financial Services, Ine to clients, and data or analyses derived from such nonpublic personal information. Light Financial Serivces Inc must also comply with the California Financial Information Privacy Act (SB1) if the firm does business with California consumers.
The purpose of these privacy policies and procedures is to provide administrative, technical and physical safeguards which assist employees in maintaining the confidentiality of nonpublic personal information collected from the consumers and custoemr of an investment advisor. All nonpublic information, whether relating to an advisor's current or former clients, is subject to these privacy policies and procedures. Any doubts about the confidentiality of client information must be resolved in favor of confidentiality.
Paul A Light is responsible for reviewing, maintaining and enforcing these policies and procedures to ensure meeting Light Financial Services Inc's client privacy goals and objectives while at a minimum ensuring compliance with applicable federal and state laws and regulations. Paul A Light may recommend to the President any disciplinary or other action as appropriate. Paul A Light is also responsible for distributing these policies and procedures to employees and conducting appropriate employee training to ensure employees adherence to these policies and procedures.
Light Financial Services Inc has adopted various procedures to implement the firm's policy and reviews to monitor and insure the firm's policy is observed, implemented properly and amended or updated, as appropriate, which include the following:
Non-Disclosure of Client Information
Light Financial Services Inc maintains safeguards to comply with federal and state standards to guard each client's nonpublic personal information. Light Financial Services Inc does not share any nonpublic personal information with any nonaffiliated third parties, except in the following circumstances:
- As necessary to provide the service that the client has requested or authorized, or to maintain and service the client's account;
- As required by regulatory authorities or law enforcement officials who have jurisdiction over Light Financial Servcies Inc, or as otherwise required by any applicable law; and
- To the extenet reasonably necessary to prevent fraud and unauthorized transactions.
Employees are prohibited, either during or after termination of their employment, from disclosing nonpublic personal information to any person or entity outside of Light Financial Services Inc, including family members, except under the circumstances described above. An employee is permitted to disclose nonpublic personal information only to such other employees who need to have access to such information to deliver our services to the client.
Safeguarding and Disposal of Client Information
Light Financial Services Inc restricts access to nonpublic information to those employees who need to know such information to provide services to our clients.
Any employee who is authorized to have access to nonpublic personal information is required to keep such information in a secure compartments or receptacle on a daily basis as of the close of business each day. All electronic or computer files containing such information shall be password secured and firewall protected from access by unauthorized persons. Any conversations involving nonpublic information, if appropriate at all, must be conducted by employees in private, and care must be taken to avoid any unauthorized persons overhearing or intercepting such conversations.
Safeguarding standards encompass all aspects of the Light Financial Services Inc that affect security. This includes not just computer security standards but also such areas as physical security and personnel procedures. Examples of important safeguarding standards that Light Financial Services Inc may adopt include:
- Access controls on customer information systems, including controls to authenticate and permit access only to authorized individuals and controls to prevent employees from providing customer information to unauthorized individuals who may seek to obtain this information through fraudulent means (eg requiring employee user of user ID numbers and passwords, etc.);
- Access restrictsions at physical locations containing customer information, such as buildings, computer facilities, and records storage facilities to permit access only to authorized individuals (eg intruder detection devices, use of fire and burglar resistant storage devices);
- Measures to protect against destruction, loss, or damage of customer information due to potential environmental hazards, such as fire and water damage or technological failures (eg use of fire resistant storage facilities and vaults; backup and store offf site key data to ensure proper recovery); and
- Any employee who is authorized to possess "consumer report information" for a business purpose is required to take reaonable measures to protect against unauthorized access to or use of the information in connection with its disposal. There are several components to establishing 'reasonable' measures that are appropriate for the firm:
- Assessing the sensitivity of the consumer report information we collect;
- The nature of our advisory service and the size of our operation;
- Evaluating the costs and benefits of different disposal methods; and
- Researching relevant technological changes and capabilities.
Some methods of disposal to ensure the information cannot practicably be read or reconstructed that Light Financial Services Inc may adopt include:
- Procedures requiring burning, pulverizing, or shredding of papers containing consumer report information;
- Procedures to ensure the destruction or erasure of electronic media; and
- After due diligence, contracting with a service provider engaged in the business of record destruction, to provide such services in a manner consistent with the disposal rule.