Frequently Asked Questions

Yes, Lev is SOC 2 Type II certified. We undergo annual audits by a third-party audit firm covering Security, Availability, and Confidentiality trust service criteria. Our SOC 2 report is available for download in the Resources section.

We perform quarterly penetration tests through qualified third-party security firms. Tests cover external network infrastructure, web applications, API endpoints, and authentication systems. Summaries are available upon request.

Yes. All data is encrypted at rest using AES-256 and in transit using TLS 1.2+. We implement strict key management practices with regular rotation through AWS KMS.

Lev's infrastructure is hosted on Amazon Web Services (AWS) in the United States. AWS maintains SOC 2, ISO 27001, and numerous other compliance certifications. See our infrastructure documentation for more details.

Yes, we support SAML-based Single Sign-On for enterprise customers, allowing you to connect Lev with your existing identity provider. Contact us for SSO configuration.

Please report security vulnerabilities to security@lev.co. We take all reports seriously and will respond promptly with our security team.

No humans at Lev will ever have access to your email data. Our systems automatically process only deal-related emails using intelligent filtering. Personal communications are never ingested into the platform.

Your data is only accessible to authorized members of your organization. It is never shared with other Lev clients or third parties without your explicit consent. We maintain strict client isolation at all levels of our infrastructure.

Yes. Under CCPA, you have the right to request deletion of your personal data. Contact security@lev.com to submit a data deletion request.

No. Your contacts remain completely private and only visible to you. They aren't shared with Lev, other Lev clients, or anyone outside your organization.