Security

Your Data is Yours

  • We do not share or sell the organizational or personal information for you or any team member connected to your account. Period. Your data belongs to you and your team.
  • We will purge your data from our data stores and logs at your request or automatically upon account cancellation.
  • We cannot access your data unless you ask us to for troubleshooting purposes.

Your Data is Protected and Secure

  • Whenever your data is in transit between you and us, everything is encrypted, and sent using HTTPS.
  • Each user in your organization is provided with a unique email address and strong password or expiring authentication token that must be entered each time a user signs on.
  • Your credit card data is securely submitted directly from your browser to a leading, PCI Service Provider Level 1 payment gateway. It never touches our servers.
  • We keep rotating, daily backups of all account data.
  • Under the hood, all data is encrypted in transit and at rest.
  • Sensitive data, like passwords and authentication tokens are never logged.
  • Your data is housed in physically secured, SOC2 compliant, and ISO 27001/27017/27018 certified data centers within the United States.

Our Systems are Monitored 24x7

  • Our managed hosting provider operations team monitors all hosts and services for integrity and availability, 24 hours a day, 7 days a week.
  • Our software infrastructure is updated regularly with the latest security patches.
  • Both manual and automated vulnerability scans and security reviews are continuously performed.

Security Exploit Bounty Program

Security of user data and communication is of utmost importance to us. In pursuit of the best possible security for our service, we welcome responsible disclosure of any vulnerability you find in Level. Additional details here.

More Information

Contact us anytime for additional details.