Moonfare Security: How We Protect Your Data
At Moonfare, security is our top priority. We implement robust measures to protect your personal and financial data. This page outlines the key steps we take to safeguard your information and how you can enhance your security when using our platform.
How do I use Moonfare Platform Safely?
1. Use Strong Authentication
- Choose a password with at least 12 characters, including letters, numbers, and symbols.
- 2-Factor Authentication (2FA) is enabled by default. We recommend switching to app-based 2FA (such as Google Authenticator) for better security.
2. Stay Alert to Phishing & Social Engineering
- Moonfare will never ask for your password or private details via email or phone.
- Be cautious of unsolicited emails or messages pretending to be from Moonfare.
3. Keep Your Login Credentials Private
- Never share your Moonfare password or email password with anyone.
- If you experience login issues, reach out to our team through team@moonfare.com
4. Verify You’re on the Official Moonfare Website
- Never share your Always check that you are visiting https://www.moonfare.com
- Our website is secured with SSL/TLS encryption to protect your data from interception.
5. Watch Out for Fake Emails (Email Spoofing)
- Always verify that emails from Moonfare come from an @moonfare.com domain.
- Be cautious with emails that request sensitive information or contain urgent security warnings.
How Moonfare Protects Your Data
Platform Security
- ISO 27001 Certified: Moonfare follows internationally recognized security standards to ensure the confidentiality, integrity, and availability of your data.
- DDoS Protection & Web Application Security: We use leading firewall and anti-DDoS systems to block attacks.
- Regular Security Testing: We conduct internal and third-party penetration tests
- Bug Bounty Program: Ethical hackers help us find and resolve security issues through our private bug bounty program. to identify and fix vulnerabilities.
- Vulnerability Management: We follow strict policies to prioritize and fix security risks based on severity.
- Data Encryption: All data is encrypted at rest (AES-256) and in transit (TLS v1.2+).
Internal Security Measures
- Employee Device Security: We use industry-leading endpoint protection and anti-malware solutions.
- Network Security: Our network is segmented and monitored for suspicious activity.
- Access Controls: Employees use Single Sign-On (SSO) and Multi-Factor Authentication (MFA) with least-privilege access.
- Continuous Monitoring: We deploy Security Information & Event Management (SIEM) to detect and respond to cyber threats.
- Backup & Disaster Recovery: We maintain continuous backups across multiple secure locations to ensure quick recovery in case of incidents.
Moonfare's Vulnerability Disclosure Policy
Vulnerability Disclosure Philosophy
Moonfare believes effective disclosure of security vulnerabilities requires mutual trust, respect, transparency and common good between Moonfare and Security Researchers. Together, our vigilant expertise promotes the continued security and privacy of Moonfare customers, products, and services.
Security Researchers
Moonfare accepts vulnerability reports from all sources such as independent security researchers, industry partners, vendors, customers and consultants. Moonfare defines a security vulnerability as an unintended weakness or exposure that could be used to compromise the integrity, availability or confidentiality of our products and services.
Security Researchers
This policy applies to any digital assets owned, operated, or maintained by Moonfare, including public facing websites.
Security Researchers
- Trust. We maintain trust and confidentiality in our professional exchanges with security researchers.
- Respect. We treat all researchers with respect and recognize your contribution for keeping our customers safe and secure.
- Transparency. We will work with you to validate and remediate reported vulnerabilities in accordance with our commitment to security and privacy.
- Common Good. We investigate and remediate issues in a manner consistent with protecting the safety and security of those potentially affected by a reported vulnerability.
Vulnerability Reporting
Moonfare recommends that security researchers share the details of any suspected vulnerabilities across any asset owned, controlled, or operated by Moonfare (or that would reasonably impact the security of Moonfare and our users) using the web form below. The Moonfare Security team will acknowledge receipt of each vulnerability report, conduct a thorough investigation, and then take appropriate action for resolution.
Have Questions or Security Concerns?
Reach out to our team at security@moonfare.com for any security-related inquiries.
Anti Money Laundering and Fraud measures
Moonfare has a Compliance department which is responsible for the effectiveness of controls, policies and procedures designed for the prevention of money laundering and terrorist financing. Effective measures also are implemented to cover the scope of anti-bribery and corruption.
Know Your Customer
Moonfare has developed and put in place risk-based systems and controls to comply with its AML/CTF obligations. Moonfare protects its website and its customers from money laundering by requiring all prospective investors to undergo KYC verification checks after signing up on the platform. We do not accept as a customer any person listed on the Consolidated List of targets to whom financial sanctions apply. Any suspicious cases are reported to Compliance, who investigates them conscientiously and consistently.
Fraud Controls
We are an active participant in international efforts to combat fraud, corruption and the funding of terrorist and criminal activities. Our commitment is ongoing through the maintenance of ongoing controls to detect and prevent any such illegal practices.
Risk Management
Moonfare is continuously improving its risk management policy, strategy and supporting framework. Moonfare recognises that risk is an integral and unavoidable component of business and is committed to managing risk in a proactive and effective manner. Moonfare seeks to promote a strong risk culture throughout our organization and communicates the importance of a strong risk culture across the organization.
Disclaimer
Moonfare will never send you unsolicited messages and we will never ask for your credentials!
About Moonfare
Moonfare aims to lead a new era of private equity investing by creating the opportunity for higher returns for more people. We are building the world's most engaged investor community to inspire investments that drive the world forward.
Important information
Moonfare does not make investment recommendations and no communication, through this website or in any other medium should be construed as a recommendation for any security offered on or off this investment platform. Alternative investments in private placements, and private equity investments via feeder funds in particular, are speculative and involve a high degree of risk and those investors who cannot afford to lose their entire investment should not invest. Prospective investors should carefully consider the risk warnings and disclosures for the respective fund or investment vehicle set out therein. The value of an investment may go down as well as up and investors may not get back their money originally invested. Past performance is not necessarily a guide to future performance. An investment in a fund or investment vehicle is not the same as a deposit with a banking institution. Please refer to the respective fund documentation for details about potential risks, charges and expenses. Additionally, investors will typically receive illiquid and/or restricted membership interests that may be subject to holding period requirements and/or liquidity concerns. In the most sensible investment strategy for private equity investing, private equity should only be part of your overall investment portfolio. Further, the private equity portion of your portfolio may include a balanced portfolio of different private equity funds. Investments in private equity are highly illiquid and those investors who cannot hold an investment for the long term (at least 10 years) should not invest.
- 1 Minimum investment may vary by country and local regulation.
- 2 Source: McKinsey "Private Markets Annual Review 2022"
- 3 Past performance is no guarantee of future returns.