Security and Compliance

We understand the importance in providing clear information about our security practices, tools, resources and responsibilities, so that our customers can feel confident in choosing us as a trusted service provider and understand how and what we do in order to secure our platform

How does Loanspark protect your information?

Loanspark has extensive security measures in place to protect the loss, misuse and alteration of the information we collect, process, and store. We take commercially reasonable security measures to safeguard your information according to strict standards of security and confidentiality.

Security program highlights

Data Security

Loanspark encrypts data at rest and in transit for all of our customers and our production data. Each of our employees are required to complete security awareness training once per year to ensure we are protecting data that is handled by our humans.

Application Security

Loanspark regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, running application, and the deployed environment. In addition to this, we monitor our application 24x7x365 for threats.

Infrastructure

Loanspark uses top American based cloud infrastructure provider to host our application. We make full use of the security products embeeded with the Digital Ocean ecosystem. Our deployment strategy is one where user data is never written into or stored in code and our infrastructure systems access is limited to a very small group of humans. Additionally, all points of ingress and egress are carefully monitored daily.

Compliance monitoring and testing

Loanspark uses automated compliance monitoring and testing. Our data security controls, application security controls and infrastructure platform are monitored 24x7x365 to ensure that we are exceeding regulatory requirments.

Data Security

Loanspark encrypts data at rest and in transit for all of our customers and our production data. Each of our employees are required to complete security awareness training once per year to ensure we are protecting data that is handled by our humans.

Application Security

Loanspark regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, running application, and the deployed environment. In addition to this, we monitor our application 24x7x365 for threats.

Infrastructure

Loanspark uses top American based cloud infrastructure provider to host our application. We make full use of the security products embeeded with the Digital Ocean ecosystem. Our deployment strategy is one where user data is never written into or stored in code and our infrastructure systems access is limited to a very small group of humans. Additionally, all points of ingress and egress are carefully monitored daily.

Compliance monitoring and testing

Loanspark uses automated compliance monitoring and testing. Our data security controls, application security controls and infrastructure platform are monitored 24x7x365 to ensure that we are exceeding regulatory requirments.

Certifications / Licensure

AICPA SOC

SOC 2 Type 1 Certified
SOC 2 Type 2 Pending

Compliance with SOC 2 requirements indicates that an organization maintains a high level of information security. Strict compliance requirements (tested through on-site audits) can help ensure sensitive information is handled responsibly.

Type 1 describes the organization’s systems and whether the system design complies with the relevant trust principles.

Type 2 details the operational efficiency of these systems.
NMLS

Nationwide Multistate Licensing SystemID #2260965

Loanspark is currently licensed to originate commercial finance transactions in 47 states, including the state of California where we hold our California Finance Law Brokers License.

License Number:  60DBO-155057

Loanspark

Data collected
Customer personally identifiable information
Employee personally identifiable information
Credit card information
See all data
Monitoring
Infrastructure security
Service infrastructure maintained
Production data backups conducted
Intrusion detection system utilized
See more
Organizational security
Portable media encrypted
Anti-malware technology utilized
Employee background checks performed
See more
Product security
Data encryption utilized
Data transmission encrypted
Vulnerability and system monitoring...
See more
Internal security procedures
Vulnerabilities scanned and remediated
Access reviews conducted
Incident response plan tested
See more
Data and privacy
Privacy policy established
Customer data deleted upon leave
Data retention procedures established
See more

Frequently asked questions

Where is our data stored?
Is our data encrypted?
Which security features do we offer to protect our service from external attacks?
Are we transparent with the way we use and access your customers' data?

Spark something new!
Connect your customers to capital, with Loanspark

Book a call with our team to learn more about how Loanspark can grow your business.