Security Statement

Protecting your information is a core priority at Ovr Finance

Effective Date:October 2025
Encrypted
Protected
Monitored

At Ovr Finance, a product of JRM Creative Ventures LLC, protecting your information is a core priority. Ovr is designed to support your financial wellness and peace of mind, and that includes being thoughtful and careful with your data and the systems that handle it.

1. Our Security Commitment

We are committed to implementing reasonable and appropriate technical and organizational measures to protect your information against unauthorized access, disclosure, alteration, or destruction.

Our security program is built around the following principles:

Confidentiality

Only authorized people and systems can access your data.

Integrity

Data is accurate, complete, and protected from unauthorized change.

Availability

Our systems are designed to be reliable and available when you need them.

2. How We Protect Your Data

We use a combination of industry-standard safeguards to protect your information:

Encryption in Transit

Data transmitted between your device and our services is protected using HTTPS/TLS (commonly referred to as "SSL").

Encryption at Rest (Where Applicable)

Where supported by our infrastructure and third-party providers, sensitive data is encrypted at rest to reduce the risk of exposure in the event of unauthorized access.

Access Controls

Access to systems and data is limited to authorized personnel who require it for their job responsibilities. We use authentication and permission-based access to minimize unnecessary exposure.

Secure Authentication

We encourage strong, unique passwords and may use additional authentication safeguards where appropriate.

Monitoring & Logging

Our systems and providers use logging and monitoring to help detect suspicious or unauthorized activity.

3. Use of Trusted Third-Party Providers

To deliver Ovr services securely and reliably, we work with established third-party service providers, which may include:

  • Hosting and infrastructure providers
  • Payment processors (e.g., for subscription fees)
  • Bank connection / financial data providers (e.g., for secure account linking)
  • Analytics and security tooling providers

We select vendors that use industry-standard security practices and contractual protections. Many of these providers maintain their own security certifications or compliance frameworks (such as PCI-DSS for payment processing and strong security controls for financial data connectivity).

We do not directly store your bank login credentials; instead, where applicable, we rely on secure, regulated third-party services to connect financial accounts.

4. Secure Development Practices

We aim to incorporate security into the way we build and maintain Ovr by:

  • Following secure coding practices and reviewing code for security issues.
  • Updating dependencies and libraries to patch known vulnerabilities.
  • Testing functionality before release and monitoring for unexpected behavior.
  • Limiting the amount of sensitive data collected to what is reasonably necessary to provide our services.

As Ovr grows, we plan to continue maturing our security processes, tools, and reviews.

5. Your Responsibilities

Security is a shared responsibility. You can help protect your account and data by:

1Using a strong, unique password for your Ovr account and your email account.
2Enabling additional security features (such as device-level screen locks, biometric unlock, etc.).
3Keeping your device's operating system and browser up to date.
4Being cautious of phishing attempts or messages that ask you to share your login information.
5Not sharing your Ovr login credentials with anyone.

If you believe your account has been compromised, please contact us immediately (see "Reporting a Security Issue" below).

6. Data Retention & Deletion

We retain information for as long as it is reasonably necessary to provide services, comply with legal obligations, resolve disputes, and enforce our agreements.

When data is no longer required, we take steps to securely delete or de-identify it in line with our data retention practices and any applicable legal requirements.

You may have additional rights with respect to your data (e.g., access, deletion) under our Privacy Policy and applicable law.

7. Incident Response

Even with strong safeguards, no system is completely immune from security incidents. If we become aware of a data breach or security incident that affects your personal information, we will:

1Investigate the incident promptly.
2Take reasonable steps to contain and remediate the issue.
3Notify affected users and/or regulators when required by law.

8. Reporting a Security Issue

We take reports of potential security issues seriously. If you believe you have discovered a vulnerability, found suspicious activity, or identified a security concern related to Ovr, please contact us as soon as possible:

Ovr Finance - Security

JRM Creative Ventures LLC

111 Town Square Pl Ste 1238 PMB 877216

Jersey City, NJ 07310-1810, USA

support@ovrfinance.io

(Please include "Security Issue" in the subject line and avoid sharing highly sensitive information in your initial email.)

If possible, include:

  • A description of the issue or behavior you observed.
  • The page or feature where you noticed it.
  • Any steps to reproduce the issue.

We appreciate your help in keeping Ovr and our users safe.

9. Updates to This Security Statement

We may update this Security Statement from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Effective Date" at the top of this page.

We encourage you to review this page periodically to stay informed about how we are protecting your information.