Effective as of: August 31, 2013
For Internal and External Distribution
The Gramm-Leach-Bliley (“GLB”) Act of 1999 requires financial institutions and investment managers to establish written policies and procedures to protect client information by either prohibiting the sharing of client information with third parties for marketing purposes or providing customers with the option of not having their information shared with third parties for marketing purposes. Siharum Advisors LLC’s (“Siharum”) policy is to not share non-public personal or financial client (present or former) information with third parties for marketing purposes and to maintain a controls framework that is reasonably designed to safeguard such client information. This policy also covers any individuals with whom the firm has had some form of marketing contact and who have provided the firm with personal information, even if such individuals have not become or do not become clients of the firm.
This policy may be updated or amended at any time upon the approval of the firm’s Chief Compliance Officer (“CCO”).
A copy of this policy is provided to each client or prospective client before or at the time of executing an investment advisory agreement and annually thereafter. Updated copies are provided to clients promptly if the policy is materially changed.
Siharum receives non-public personal information about its clients through the various applications, forms and agreements a client provides to Siharum in the normal course of their dealings with Siharum. Clients may also provide authorizations that allow Siharum to obtain such non-public personal information from third parties.
Siharum retains client information in order to meet its regulatory and compliance obligations and also to allow the firm to appropriately service its clients. Non-public personal or financial client information may be disclosed to employees within the firm and externally in the normal course of business and in connection with the provision of investment advisory services for which Siharum has been hired. Disclosures may also be made if required or permitted by law or if authorized by a client.
Siharum’s controls framework is designed to protect client information while recognizing the practical needs of a small firm in which each employee may perform a broad variety of functions with limited segregation of duties. The controls in place include physical, electronic and procedural safeguards that offer protection against (i) threats to the security or integrity of client records and (ii) unauthorized access to or use of client information that could adversely and substantially harm a client. Specific controls and procedures are well-documented and reviewed annually for adequacy and effectiveness.
Access to Siharum’s office space is subject to multiple layers of access controls and security. Siharum’s network infrastructure includes firewall and anti-virus protection as well as proactive maintenance and monitoring by an established third-party provider. Client information may be retained in hard copy (stored securely with physical safeguards) and/or in electronic format. Electronic records are primarily stored in systems and applications with electronic access level controls and transmission of sensitive client information is performed only through secure channels.
An employee who suspects unauthorized access, fraud or misuse of client information must notify the CCO promptly, who will then initiate an investigation to determine if actual unauthorized access has occurred. Should it be determined that unauthorized access has indeed occurred and has resulted in or is reasonably likely to result in fraud or misuse of client information, then the CCO will inform the client promptly as well as applicable regulatory and/or law enforcement authorities which may include the local police, FBI and the US Securities and Exchange Commission.
Current as of 8-31-2014