Discretion & security

For this audience, whether we leak is the first thing you check. So we designed for it.

This page is maintained by HackFirstAid to answer common security and privacy questions about how we work with family offices. It describes our own practices, not a certification.

NDA by default

Every engagement runs under mutual NDA as standard. Channel partners can promise their client the relationship stays quiet — because it does.

We never name clients

No logos, no case studies with names, no announcements. Anonymized, operationally specific proof carries the trust load instead.

No data custody

We never hold the family's financial data, documents, or credentials. Exposure-footprint work uses public and broker data, never the family's private records.

Advisory, training, and IR only

We advise, train, and respond. We don't execute payments, and we don't provide physical-security, legal, tax, or investment advice.

Shared responsibility. We provide advisory, training, and incident-response capabilities. Your office owns execution — releasing payments, operating systems, and making the final call in a crisis. Nothing here guarantees fraud prevention or a specific outcome; see our scope of use for the full picture.