We take security very seriously for all users of Bridge: advisors and end-clients alike. This documentation will tour the three major cornerstones of our secure systems and

policies:

Whenever possible, any sensitive or personally identifiable information (PII) received from financial institutions is either thrown away or masked. For example, our software immediately replaces social security numbers with randomized 9 digit numbers to act as placeholders. Account numbers are stored but generally masked; for example only the last few digits of the account number is visible on client invoices.

All the data received by Bridge is strictly on a read-only basis. We don't take discretion over accounts and as a result, no financial institution would allow us to modify or transact with an account. We offer trade execution services; when trading is offered for clients we still aren't taking discretion on accounts or managing them; we only execute instructions provided by wealth and asset managers.

Our software is built securely from the core. We're hosted on Amazon Web Services, the industry leader in cloud computing technology with the strictest security protocols in place. Our backend processes and data storage reside in containers completely isolated from the internet that are only capable of communicating with our frontend web application. Moreover all communication between your browser and our backend is fully encrypted over a TLS 1.2 connection, the latest security protocol governing web-based communication.

Because Bridge is a 3rd party with read-only access to data, there is virtual no chance an account could be compromised due to the use of any of our products. We do recommend being as secure as possible, for both yourselves and clients, following these simple recommendations: