The Fine Print
We want you to know that your business information is not for sale. We track, host, and retain data and documents for your convenience and will not share this data with any unauthorized third party.
It’s important to us at Loft Technologies, Inc. that you understand your fees, costs and rights when it comes to using our services. Although our explanations may have technical jargon or get caught up in legalese, the data your business creates is to help you grow, not us.
Loft Technologies, Inc. takes your data security seriously. All communication to and from our servers is established over securely encrypted SSL. Internal database connections are also encrypted over SSL. Loft Technologies, Inc. is hosted on PCI-compliant hardware and software systems that are constantly updated with security patches. All of our infrastructure is hosted behind a comprehensive firewall that also protects against DDOS and other network attacks. Our data is routinely backed up and available in multiple data centres in the event of a local disaster.
While some authorized staff may routinely interact with your data on your behalf as part of services offered. Privacy data is cleansed before any IT staff is allowed to view data or work on application internals.
Our database cluster is fault tolerant by design and uses AWS Aurora to ensure availability in multiple zones and would tolerate a complete failure in any of the AWS availability Zones.
For more details on high availability visit: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html
Physical infrastructure for Loft Technologies Inc is hosted and managed within Amazon’s secure data centers and utilizes the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
PCI Level 1
For more details on AWS security visit: https://aws.amazon.com/security/
Privacy – What We Collect
In order to supply a full services transaction processing service, Loft Technologies, Inc. requires several pieces of your personal information before you can start accepting credit cards. We ask for your business’s financial statements and data to ensure your accounting year-to-date records are accurate. In order to adequately assign, track and pay agents' we gather commission fees and structures, personal data, and other financial details.
In order to protect your privacy Loft is committed to using Tokenized payment systems only. This means secure and private information like bank account numbers or payment information is never stored or transmitted directly from our servers. All of our payment partners and processors are 100% PCI DSS compliant.
All contact info you supply to us is just that. It is contact info for us to get in touch with you, not to hand it out to solicitors or other third-party businesses.
Ways We Collect
Passive data collection
Active data collection
Loft Technologies, Inc. records a lot of information from every transaction; the type, amount, time, date, payment source and participants who interact with it. We log and maintain these records on our servers to meet legal requirements around accountability and security.
Currently, we keep all financial, including real estate and general accounting transactions and documents for an indefinite time, extending past the Canadian Revenue Agency’s recommended six years, as well as the Internal Revenue Service’s recommended seven years. This data is available to you and the employees or partners of your choice anytime.
In the extremely unlikely event it is archived, a simple request will produce the information within a few business days.
Using What We Collect
What we get out of it
Since we only collect data from our end, we optimize and upgrade our products and software based on raw data, not on private information. What raw data we do collect, we use to the benefit of Loft Technologies, Inc. and to improve our service.
In the event that Loft Technologies, Inc. is no longer your transaction services provider, we will keep all transaction-based data. Our records will be maintained for tax and legal purposes, external audits, as well as any use that you approve.
Eighteen and Under
Requirements for Brokerage registration make it impossible for anyone under the age of 18 to be a full-fledged independent Brokerage with Loft Technologies, Inc. This means that we never collect any minor’s personal or banking-related information.
We understand that many businesses will employ people under the age of 18, but they are considered additional users of Loft Technologies, Inc., and we never ask for any personal information from those users.
With our payment and deposit integrations, deposits can be accepted from anyone with a bank account and their personal information will be stored for your records.
Loft Technologies, Inc. is not responsible for the information that you as a Brokerage or business collect from customers, regardless of their age or the legal implications of collection.
Like it or not, money is a huge driver of criminal activity and Loft Technologies, Inc. has zero tolerance for the use of our service in any illegal activity. If there is a significant number of questionable transactions or irregular payments, we will take measures to investigate with or without your approval.
If we are ever contacted by government agencies or police forces over the financial activity of your business, we will examine all of our legal options and do our best to keep you informed at every step along the way.
If at any point in time, you have any questions about how your information is being handled, please contact us by email at connect@Loft47.com.