Getting started
      Back to home
      1. LTSE Equity Knowledge Base
      2. Getting started

      Security & Compliance

      Safeguarding equity data for 32,000 venture-backed startups is one of the biggest considerations in everything we do.

      LTSE Equity is made by LTSE. We’re operating a new stock exchange to enable modern, long-term companies to thrive, including a secure and reliable software infrastructure. We are fully GDPR compliant. We employ modern practices such as end-to-end data encryption and multi-location, redundant data backup. We maintain strict access and disclosure control over our systems and your data.

      Data encryption

      All access to LTSE is over a secure (SSL encrypted) connection. The same applies for all data sent between LTSE servers on our internal network.
      We do not store your password. Instead, we store a salted cryptographic hash of your password so that even if our database is compromised, all passwords will be secure.

      Data storage and backup

      Backups are stored offsite and are encrypted using PKI cryptography. LTSE performs daily backups of the entire database.
      Our servers are hosted with Amazon Web Services in multiple US regions. Here's more about AWS security and compliance.

      GDPR / CCPA

      We fulfil EU General Data Protection Regulation (GDPR) obligations and maintain transparency about customer messaging and how we use data.

      DPA - Data Processing Agreement

      Services Summary

      Subprocessors

      AICPA SSAE 18 / SOC reports

      We are completing a Service Organization Controls 2 (SOC 2) Type 1 audit with a 3rd-party evaluator certified by The American Institute of CPAs (AICPA). This audit uses the Trust Services Principles, published by the AICPA, to evaluate the effectiveness of a our controls with respect to security, availability, processing integrity, online privacy, and confidentiality.
      For customers, please contact us at support@ltse.com regarding our SOC reports. More information on SOC reports can be found here.

      PCI DSS Level 1 certification

      All payments made to LTSE Equity go through our partner, Stripe. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. Details about Stripe's security setup and PCI compliance can be found at here.

      Additional reading