Security & Compliance

Your data security and privacy are our top priorities. We use industry-leading practices to keep your information safe.

🔒

Bank-Level Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256)

SOC 2 Type II Certified

Independently audited for security, availability, and confidentiality

🇪🇺

GDPR Compliant

Full compliance with EU data protection regulations

🛡️

Regular Penetration Testing

Quarterly security audits by third-party experts

💾

Data Backup & Recovery

Automated daily backups with 99.9% uptime SLA

👥

Role-Based Access Control

Granular permissions to control who sees what data

Our Security Practices

Infrastructure Security

  • Hosted on AWS with multi-region redundancy
  • DDoS protection and web application firewall
  • Continuous monitoring and intrusion detection
  • Isolated environments for production and testing

Application Security

  • Secure code review and static analysis
  • Input validation and sanitization
  • Protection against OWASP Top 10 vulnerabilities
  • Regular dependency updates and patches

Access Controls

  • Multi-factor authentication (MFA) required
  • Single Sign-On (SSO) support via SAML 2.0
  • IP allowlisting for enterprise customers
  • Automatic session timeout after inactivity

Data Privacy

  • Data processing agreements available
  • Right to export and delete your data
  • No selling or sharing of customer data
  • Anonymous usage analytics only

Certifications & Compliance

  • SOC 2 Type II
  • GDPR Compliant
  • HIPAA Ready
  • ISO 27001

Responsible Disclosure

If you discover a security vulnerability, please report it to us responsibly. We appreciate your help in keeping LeavePlan secure.

security@leaveplan.com • PGP key available upon request

Questions About Our Security?

Our security team is happy to answer any questions or provide additional documentation.

Contact Security Team