Security Policy

We know that sharing financial and business information requires trust. Gate Rock Capital maintains a layered security program that draws on industry best practices to help protect the information we collect and process in connection with our website and services.

1. Security program overview

Gate Rock Capital maintains administrative, technical, and physical controls designed to protect information against unauthorized access, use, loss, or disclosure. Our security approach includes:

• Defined policies and procedures for handling sensitive information;
• Role-based access controls and the principle of least privilege; and
• Ongoing monitoring and updates to our systems and safeguards.

2. Data in transit & at rest

We use strong encryption technologies to help protect information as it moves between your browser and our systems, and when stored within our environment.

• Data in transit: Information transmitted to and from our website is protected using HTTPS and industry-standard TLS encryption protocols (where supported by your browser and device).
• Data at rest: Where appropriate, we encrypt sensitive data stored within our systems or with approved third-party providers.

3. Access control & authentication

Access to internal systems and information is limited to authorized personnel who require it to perform their job responsibilities. Our access practices include:

• Role-based user access aligned with job function;
• Unique user credentials and authentication controls; and
• Periodic review and adjustment of user access rights.

4. Third-party service providers

We may engage carefully selected third-party vendors to provide technology, hosting, analytics, and other services that support our business. When we share information with these providers, we do so under agreements that require appropriate security and confidentiality protections, consistent with the nature of the data and applicable law.

5. Infrastructure & system security

Gate Rock Capital leverages reputable infrastructure and security capabilities to help protect our environment, including:

• Network security controls such as firewalls and segmentation;
• Security monitoring tools and logging of key system activities; and
• Regular maintenance, updates, and patching of systems where feasible.

6. Incident response

We maintain processes for identifying, assessing, and responding to potential security incidents. In the event we become aware of unauthorized access to or use of certain information, we will investigate promptly and, where required by law, provide notifications to affected individuals and/or regulators.

7. Data retention & disposal

Information is retained only for as long as reasonably necessary to support our business, provide services, manage risk, or comply with legal and regulatory obligations. When data is no longer needed, we take steps to securely delete, de-identify, or otherwise dispose of it in a manner designed to prevent unauthorized access or use.

8. Your security responsibilities

While we work to protect information within our systems, security is also a shared responsibility. You can help protect your business by:

• Using up-to-date browsers, operating systems, and security software;
• Keeping any credentials or security codes confidential; and
• Avoiding the use of public or unsecured networks when submitting sensitive information.

9. Changes to this Security Policy

We may update this Security Policy from time to time to reflect changes in our security practices, technology, or regulatory requirements. When we make changes, we will update the “Last updated” date at the top of this page. We encourage you to review this page periodically.

10. Contacting Gate Rock Capital

If you have questions about this Security Policy or our security practices, you can contact us at:

Email: support@gaterockcapital.com
Phone: +1 (888) 397-8472