Security at FundX
Your data security and privacy are our top priorities. Learn how we protect your information.
Our Security Commitment
FundX employs industry-leading security practices to ensure your data remains safe, private, and protected at all times.
Data Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your sensitive information is protected with bank-level security standards.
Access Controls
Role-based access controls ensure that only authorized users can access sensitive data. Multi-factor authentication adds an extra layer of protection to your account.
Secure Infrastructure
Our platform runs on secure, redundant cloud infrastructure with 24/7 monitoring, automatic failover, and regular security audits to ensure maximum uptime and protection.
Threat Detection
Advanced threat detection systems monitor for suspicious activity, unauthorized access attempts, and potential security incidents around the clock.
Security Best Practices
Authentication & Authorization
- Secure password requirements with strength validation
- Multi-factor authentication (MFA) support
- Session management with automatic timeout
- OAuth 2.0 and JWT-based authentication
- Role-based access control (RBAC)
Data Protection
- End-to-end encryption for all data transmission
- AES-256 encryption for data at rest
- Regular automated backups with encryption
- Secure data deletion procedures
- Data isolation between customer accounts
Infrastructure Security
- Hosted on secure, SOC 2 compliant cloud providers
- Network firewalls and intrusion detection systems
- DDoS protection and mitigation
- Regular vulnerability scanning and penetration testing
- Automated security patches and updates
Operational Security
- 24/7 security monitoring and incident response
- Comprehensive audit logging
- Employee security training and background checks
- Principle of least privilege for system access
- Incident response and disaster recovery plans
Compliance & Standards
FundX is committed to meeting industry standards and regulatory requirements to ensure the security and privacy of your data:
- GDPR Compliance: We comply with the General Data Protection Regulation for EU data subjects
- CCPA Compliance: We comply with the California Consumer Privacy Act
- SOC 2 Type II: Our infrastructure providers maintain SOC 2 Type II certification
- Data Processing Agreements: We offer DPAs for enterprise customers
- Regular Audits: We conduct regular security assessments and third-party audits
Report a Security Concern
We take security seriously. If you discover a potential security vulnerability or have concerns about the security of our platform, please contact us immediately.