Legacy Estate Planning / ITS Alliance Partners, LLC recognizes all end-user client rights to privacy. We are committed to the highest standards of data encryption technology by utilizing Turbo SSL (TM) – Secure Sockets Layer (SSL) software – to keep client database records protected and secure. The exclusion of access to personal client records from unauthorized persons is as important to us as it is to you. IN ADDITION, we have installed advanced cyber security/penetration testing procedures and safety requirements to help maintain the integrity and permanency of client data:

• ITS incorporated JURINNOV cybersecurity penetration, vulnerability, and data-breach response testing services over a period of several consecutive months. JURINNOV services provided proactive, compliant, vigilant and responsive approaches to protecting and securing data by helping to balance the risks associated with the transmission, storage, processing and external access to cloud-based information. JURINNOV (post-test) tracking reports created recommended solutions, when necessary, which were then monitored in succeeding, conclusive tests. The security metrics incorporated into the ITS platform ranked in the top 3% of all JURINNOV’S corporate clients at the conclusion of the testing series.
• ITS is in compliance with the safety requirements set by the Payment Card Industry’s (PCI) Data Security Standards (DSS) that are designed to ensure that the processing, storing, and transmitting of credit card information is done in a safe and secure environment. For your review, we also provide public disclosure to our responses on an industry-standard Vendor Cybersecurity Questionnaire.

Furthermore, in exercising the proper methods of gathering, maintaining, and using client information, we adhere to the following practices:

• We collect, record and transfer information only as is necessary to enable our Internet service platform to provide end-user clients with the personal experience they need to help reach their respective estate planning goals.
• Services requiring data-exchanges between affiliated parties may be necessary to analyze, edit, and submit personal data by personal advisors and legal counsel – or other appropriate sources – for the proper creation, funding, and implementation of prescribed estate plans. However, client files will not be transferred or made available to any other organization not authorized or otherwise connected by a service and/or marketing relationship to our processing network.
• Any networking party associated with our Internet Platform Protocol sending or receiving personal client data must agree to the terms of our Privacy Policy Notice(s) prohibiting electronic files to be used for any other reason other than to coordinate and establish end-user client estate plans. Notwithstanding, we do not monitor related party activities beyond our data-exchange protocol requirements.
• Through pre-arranged contractual agreements, clients and their family members (of the client’s choice) may have access to personal information, through Client Consoles, electronically stored on our database, which also may be sent to us from other related sources. In any event, all personal information will be used only to accomplish the desired end result(s) for which purchases of our services have been made.
• As with any industry (especially those utilizing sophisticated data-exchange systems), our company and service platform may be subject to internal due diligence investigations by authorized governmental agencies. To facilitate any such investigative requests, we have created an Attorney General Login (AGL) page. The AGL page allows Attorney General Offices, in any state, Internet access (after provided with a secure database password) to view and analyze all pertinent client data-exchange occurrences and protocol activity between related service parties.

Database Management System: Legacy Estate Planning (ITS) utilizes the most current version of Database Management System (DBMS) software available. This DBMS/SQL formula incorporates the SAME algorithms and encryption levels used by regulated financial institutions nationwide, including federal banks and major credit card companies. Such DBMS applications have been (and are) exhaustively tested by the subject manufacturer(s) with zero-failure rate outcomes. Therefore, the only real “security factor” for consideration is the personal choice of a password. While ITS requires a minimum digital length and a variety of characters to re/create a password, it is still the Client/User’s responsibility to keep the password secure.

Two-Factor Authentication: The purpose of ITS’ optional Two-Factor Authentication (2FA) protocol is to enhance password security within a specific Client Console module, but discretion is required with the 2FA usage. The Client/User must not only keep the 2FA password secure but will always need to remember it – and keep it stored with ONLY A TRUSTED THIRD PARTY(S) – since, for security purposes, the 2FA password is not recoverable by any “Forgot Password” retrievable protocol. If the 2FA password becomes known by anyone who then attempts passage, the program will immediately notify the Client/User of such attempted login event so that s/he can deny (or allow) login access.