Data Security and Privacy Principles


Since its founding in April 2000 as “Stiel Direct LLC”, the Nevo Financial team—now operating as a consolidated entity under Abetica Studios—has worked with many of the world’s leading retailers, financial institutions, and credit card issuers on large-scale initiatives. We are dedicated to extreme diligence and investment to meet and exceed all applicable data security, PCI-DSS, and regulatory compliance requirements. We ensure every transaction and customer record entrusted to us is secured using the most advanced cryptographic processes and zero-trust architectures available.

The following provides an overview of the six key practices followed by our organization in data security and use:

PRACTICE 1 – INFORMATION SECURITY & DATA MINIMIZATION

We strictly protect the security of our Client Information and honor client choices for its intended use. We utilize industry-leading safeguards, including end-to-end encryption (both at rest and in transit) and multi-factor authentication (MFA), to protect your data from misuse, loss, unauthorized access, disclosure, alteration, or destruction. We practice data minimization, ensuring we only collect, process, and retain the Personally Identifiable Information (PII) absolutely necessary to execute our mutually agreed-upon services.

PRACTICE 2 – TRANSPARENCY & NOTICE

We will ask you, our client, when we need information that identifies you and/or your customers (Client Information), or allows us to contact you. Generally, this information is requested when clients subscribe to or purchase our services, request an RFP response, complete an inquiry form, or participate in a client initiative. We use Client Information for four primary purposes:

  • To streamline the delivery and execution of our consulting and marketing services.
  • To help you quickly find the relevant services or information you need from our firm.
  • To optimize and deliver content, campaigns, and strategies most relevant to your target audience.
  • To keep you informed about product developments, industry updates, and new services.

PRACTICE 3 – PERMISSION & INDIVIDUAL RIGHTS

If you choose not to provide certain client information, you can still request our assistance, though it may limit the scope of services we can provide.

  • Opt-In/Opt-Out: You maintain complete control over the information you provide us when you employ or subscribe to various services, such as direct mail, new account acquisition campaigns, or CRM Database Services.
  • Communication Preferences: If you prefer not to receive marketing communications from us regarding programs, events, or services, please notify us. We strictly honor the principle of permission-based communication.
  • Data Rights: In accordance with modern privacy frameworks, clients and their customers maintain the right to access, correct, limit the use of, or request the deletion of their personal information currently under our control.

PRACTICE 4 – ACCESS & AUDITING

We provide you with reasonable means to ensure that your Client Information is safe and secure. You may reasonably review, audit, inspect, and evaluate our data security practices at any time, according to mutually agreed and accepted standard industry practices. You may:

  • Review client information practices followed, including adherence to Service Level Agreements (SLAs) and data processing addendums.
  • Provide feedback and input on supplementary security measures you require for specific campaigns.
  • Request compliance reports regarding data handling in shared environments.

PRACTICE 5 – ENFORCEMENT & INCIDENT RESPONSE

We are committed to protecting your Client Information, competitive strategy, and privacy. If you believe our organization has not adhered to these principles, please notify us immediately.

  • Breach Protocol: In the highly unlikely event of a data compromise, we maintain a strict incident response plan that includes immediate containment, forensic analysis, and prompt notification to affected clients and relevant regulatory bodies within legally mandated timeframes.

PRACTICE 6 – REGULATORY COMPLIANCE

We work closely with our financial services clients to ensure we support their efforts to comply with applicable state and federal regulations, including the California Privacy Rights Act (CPRA), the Electronic Fund Transfer Act (EFTA), CDD/KYC requirements, and the USA PATRIOT Act. Our goal is to continually earn and maintain your trust through transparent, compliant, and fair information management.


The Identity Theft & Data Integrity Reward Program

In 2002, the organization (then operating as Stiel Direct LLC) established a $10,000 Identity Theft Reward Program for employees, vendors, and associates. Today, as part of Abetica Studios, we continue to enforce this zero-tolerance policy.

This program eliminates the temptation and potential illicit gain from data compromise among any personnel or third-party vendors who handle confidential client and credit application data under our control.

Background

While we have maintained a flawless record with zero incidents of data compromise throughout our history, we treat data security as our paramount operational directive. This reward program sends a clear message: we will aggressively pursue the prosecution of data and identity theft, and we actively empower our associates to act as whistleblowers regarding any suspicious activity. The goal is absolute prevention and deterrence.

The Reward Program

The data integrity reward program provides for cash rewards of up to $10,000 for information leading to the arrest and conviction of any persons or entities who have obtained, or attempted to obtain, confidential consumer data from our employees, networks, or physical resources for illicit purposes, including but not limited to:

  • Fraudulently using or opening a credit or bank account.
  • Opening telecommunications or utility accounts using client PII.
  • Passing bad checks or initiating unauthorized financial transfers.
  • Securing loans, housing, or employment under a stolen identity.

For more information, please reach us electronically.

Last Updated: April 23, 2026