Data Protection
Encryption in Transit
All API traffic is secured via TLS 1.3. We enforce strict HSTS policies to prevent downgrade attacks. Email delivery uses opportunistic TLS with a 99.8% enforcement rate.
Encryption at Rest
Databases are encrypted using AES-256 (GCM mode). Keys are managed via AWS KMS with regular rotation schedules (90 days).
Physical Infrastructure
Our infrastructure is hosted across ISO 27001 certified data centers provided by AWS and Google Cloud Platform. We do not own or operate physical servers.
- Biometric access controls at all facility entry points
- 24/7/365 CCTV monitoring and security personnel
- N+1 Redundancy for power and cooling systems
Compliance Artifacts
SOC 2 Type II Report
Period: 2024-2025
GDPR DPA
Standard Contractual Clauses
* Access to full audit reports requires an NDA and active Enterprise subscription.
Report Abuse
Received unsolicited mail? We take spam reports seriously. Our Trust & Safety team investigates all reports within 24 hours.
Direct Contact
abuse@sunnypaydayloan.com
PGP Key ID: 0x4A2B...