
It’s All About Trust
We work hard to earn your trust by keeping your employees’ dreams and data secure
Your employees’ data is private and secure. Period.
At BrightPlan, we go above and beyond government requirements for data security and protection. We prioritize privacy and security. All personal data is encrypted and stored securely. We adhere to strict data protection regulations and use advanced security measures to prevent unauthorized access. We maintain all the same rigor and standards as are outlined in our privacy policy.

Best-in-class Security and Compliance
- Audited annually to comply with the best fiduciary practices, including SEC privacy regulations.
- We are SOC2 Type 2 certified by an external auditor. SOC2 security principles focus on preventing the unauthorized use of assets and data handled by the organization. This principle requires organizations to implement access controls to prevent malicious attacks, unauthorized deletion of data, misuse, unauthorized alteration, or disclosure of company information.
- We are ISO 27001:2022, ISO 27017, and ISO 27018 certified by an external auditor. ISO 27001 relates to information security, cybersecurity, and privacy protection. ISO 27017 and ISO 27018 relate to security controls for cloud services and protecting personally identifiable information (PII) in public clouds acting as PII processors.
- We comply with NIST-CSF, a voluntary framework specified by the US Department of Commerce that helps businesses understand, manage, and reduce their cybersecurity risk and protect their network and data.
- We regularly receive rigorous security reviews from global enterprise organizations.
- BrightPlan is the first digital advisor certified by the Centre for Fiduciary Excellence (CEFEX). CEFEX Certification means we’ve been independently certified to uphold the highest standards and act in the employee’s best interests.
Fiduciary Excellence
BrightPlan is a Registered Investment Advisor and legally required to act in our clients’ best interests – our certification by the Centre for Fiduciary Excellence (CEFEX) verifies that we adhere to the highest standards.
Learn More