Security Policy

We take security seriously. This document outlines the measures we take to protect you and your customers when you use Lennd.

Securing your event's data

When transmitting or storing any data related with your event, we take precaution to ensure that the requester of the data has authentication to view what they are requesting. Additionally, we ensure the data is encrypted while being transmitted and while it is at rest.

Credit card data

We don't store credit card data on our servers. All payment processing is handled by one of our payments integration partners such as Stripe, a certified Level 1 PCI Service Provider (the most stringent level of certification available). When credit card data is submitted via Lennd it is sent directly to Stripe via JavaScript over a secure SSL connection. The payment data never touches our servers.

We use SSL everywhere

We force HTTPS on our website and across our application. This creates a secure connection between client and server and protects all the data transmitted over the connection.

We keep offsite backups

We regularly take backups of all critical application data with a secure backup provider.

Responsible disclosure

We rapidly investigate all reported security issues. If you've discovered a security bug, please send an email to hello@lennd.com. We will try to respond within 24 hours (usually faster). We request that you not publicly disclose the issue until we can address it.

‍

Last Modified: October 17, 2019