Welcome
Trust Center

Welcome to the
Lev Trust Center

Security, privacy, and compliance aren't just checkboxes at Lev—they're foundational to everything we build. When you trust us with your sensitive deal data and lender relationships, we take that responsibility seriously. This Trust Center provides full transparency into how we protect your information.

securitycomplianceresourcesemail us

About Lev

Lev is the leading technology platform for commercial real estate financing. We help brokers, principals, and operators streamline their deal workflows—from sourcing capital to managing lender relationships—all in one place.

Our platform processes sensitive financial data, property information, and lender communications on behalf of clients transacting billions of dollars in commercial real estate annually. That's why security isn't just a feature at Lev—it's the foundation everything else is built on.

products
Lev FinanceLev TrackLev MemoLev Vault
platform
End-to-end CRE financing. Deal pipeline management, document generation, lender matching, and relationship intelligence—all in one workspace.
clients
Trusted by industry leaders. CRE brokers, debt funds, and institutional operators rely on Lev to manage their most sensitive deal data.
mission
Transparency and efficiency. We're building the infrastructure that makes commercial real estate financing faster, smarter, and more secure.

Our commitment to you

When you hand over your deal data, your lender contacts, your financial projections... you're trusting us with the lifeblood of your business. I get it. That's not something I take for granted.

We built Lev's security the same way we build everything else: obsessively. Every architecture decision, every code review, every vendor we bring on. It's not a checkbox exercise for us. It's how we operate.

Look, I know a Trust Center can only tell you so much. If you've got questions about our infrastructure, our controls, how we handle edge cases, just ask. I mean that. I make time for these conversations because they matter. Shoot me an email, get on a call with our team, whatever works.

This page is our attempt at radical transparency. But if you need more, we're here.

Alberto Sheinfeld
Alberto Sheinfeld

Chief Technology Officer

Email me

Ask Lev AI

Have questions about our security practices? Lev AI—powered by Claude—is trained on our complete Trust Center documentation. Ask questions in natural language and get accurate, sourced answers pulled directly from our security policies, compliance reports, and technical documentation.

Perfect for due diligence—get quick answers to common vendor assessment questions without digging through documents. Available on every page via the button in the header.

About this documentation

At Lev, safeguarding your data is our highest priority. Our platform is built with multi-layered security measures and strict privacy controls to protect your sensitive information throughout your commercial real estate transactions.

This Trust Center is organized into several sections: Security covers our infrastructure, encryption, and monitoring practices. Compliance details our certifications and audit programs. Resources provides access to our security policies and legal agreements.

Certifications & audits

Our security program is validated through independent third-party audits and assessments. These certifications demonstrate our commitment to maintaining enterprise-grade security standards.

current_certifications

soc2_type_ii
Certified annually. Third-party audit covering Security, Availability, and Confidentiality. Type II evaluates operating effectiveness over time. Learn more →
pentest
Quarterly cadence. External network, web apps, APIs, and auth systems. All findings remediated per vulnerability management policy. View scope →

For detailed compliance documentation, see the Compliance section.

Security architecture

Our security architecture implements defense in depth—multiple layers of protection from physical data center security to application-level controls.

infrastructure
Hosted on AWS with SOC 2, ISO 27001 certifications. 24/7 physical security, redundant utilities, and biometric access controls.
encryption
AES-256 at rest, TLS 1.2+ in transit. Strict key management with regular rotation through AWS KMS.
monitoring
24/7 surveillance using CloudSploit and Prowler. Continuous vulnerability scanning for all web applications.
access_control
Principle of least privilege. MFA required for all users. SAML/SSO integration available for enterprise.

For complete security documentation, see the Security section.

Data privacy

At Lev, we believe privacy is a fundamental right—and that your data belongs to you, period. We're custodians, not owners. Every decision we make about data handling starts from this principle: you should always remain in control of your information.

Our approach to data protection is built on four core principles. For details on how we handle email data specifically, see our email integration documentation.

ownership
You maintain ownership of your data at all times. We're processors, and you remain in control throughout your relationship with Lev.
minimization
We only collect data necessary to provide our services, automatically filtering to exclude non-deal-related communications.
purpose
Your data is only used for authorized purposes—powering your deal workflows and the features you choose to use.
transparency
We're open about our data practices with clear explanations of what data is collected, how it's used, and who can access it.

Quick actions

Get in touch, explore resources, or find answers to common questions.

Email our team
Schedule a call
View all resources
Download all resources
FAQ