Our servers are located within the enterprise-grade Microsoft Azure data centres. Access is restricted to authorised staff through a combination of biometric systems and 24/7 onsite security guards and conforms to global and country specific standards.
Lendr does not store your credit card information on our servers. We use Braintree Payments for one off transactions and Chargify for subscription billing, both of which encrypt your sensitive data on PCI-Compliant servers.
Your data is backed up hourly and copies stored securely offsite from the data centres they originated from. We have a fault-tolerant architecture in place and replicate our internal services over multiple locations. This allows us to provide our users with high uptime and recover quickly from any unlikely major data incidents.
All data sent to Lendr runs over SSL for both external and internal services. All passwords are hashed and never stored as pain text. We use modern cryptographic ciphers with large iterations making them extremely difficult to brute force. Authorization is done using 0auth2 standard and signed with secure certificates which are frequently rotated.
If you’ve discovered a security issue with Lendr then we’d appreciate your help disclosing the issue to us responsibly. Please email us email@example.com and provide information on how to reproduce it, the type of vulnerability, and the domains and webpages affected by it.