LVL Up Performance

Security at LVL Up Performance

Your data security and privacy are our top priorities

Data Encryption

We implement industry-standard encryption to protect your data both in transit and at rest:

  • TLS 1.3: All data transmitted between your browser and our servers is encrypted using the latest TLS protocol
  • AES-256: Sensitive data at rest is encrypted using AES-256 encryption
  • Password Hashing: User passwords are hashed using bcrypt with salt

Infrastructure Security

Our infrastructure is built on enterprise-grade cloud services:

  • Vercel Hosting: Enterprise-grade hosting with DDoS protection and edge network
  • Neon PostgreSQL: Serverless PostgreSQL with automatic backups and point-in-time recovery
  • Regular Backups: Automated daily backups with 30-day retention
  • Disaster Recovery: Geo-redundant backup storage for business continuity

Access Control & Authentication

We implement strict access controls and authentication measures:

  • Multi-Tenant Architecture: Complete data isolation between organizations
  • Row Level Security (RLS): Database-level security policies prevent unauthorized access
  • Role-Based Access Control (RBAC): Granular permissions based on user roles
  • OAuth 2.0: Secure authentication with Google and other providers
  • Account Lockout: Automatic lockout after failed login attempts
  • Rate Limiting: Protection against brute force and DDoS attacks

Monitoring & Incident Response

We actively monitor our systems and maintain comprehensive audit logs:

  • Audit Logging: All authentication events, permission changes, and sensitive operations are logged
  • 24/7 Monitoring: Automated monitoring and alerting for security incidents
  • Incident Response: Documented procedures for handling security incidents
  • Regular Security Audits: Periodic review of security practices and code

Compliance & Standards

We are committed to maintaining compliance with relevant regulations and standards:

GDPR Compliant

Full compliance with EU General Data Protection Regulation

SOC 2 Type II

In progress - Expected certification Q2 2025

ISO 27001

Information security management system standards

CCPA Compliant

California Consumer Privacy Act compliance

Security Best Practices for Users

Help us keep your account secure by following these best practices:

  • 1.Use a strong, unique password (minimum 8 characters with uppercase, numbers)
  • 2.Enable two-factor authentication when available
  • 3.Never share your login credentials with others
  • 4.Log out from shared or public computers
  • 5.Review your account activity regularly
  • 6.Report suspicious activity immediately

Responsible Disclosure

If you discover a security vulnerability, we encourage responsible disclosure:

Report security issues to:

Email: security@lvlup.com

Please provide detailed information about the vulnerability and allow us reasonable time to address the issue before public disclosure.

Questions About Security?

Our security team is here to help answer any questions you may have.

Contact Security Team