Trust & Security

Last updated: 31 May 2026

Brokers trust LSbroker with their clients' enquiry details, so protecting that information is central to how we build. This page sets out where your data lives, how it's protected, and the independently-audited infrastructure we rely on. Everything below is verifiable β€” we've linked to each provider's own security documentation. For plain-English answers to the questions brokers ask most, see our Security FAQ.

πŸ‡¦πŸ‡ΊAustralian data residency

Your account and lead data are stored in a database hosted in Sydney, Australia. Our database provider deploys each project into the region chosen at creation and keeps the data within that region β€” so your primary data stays onshore. (Some supporting services, noted below, may process limited data overseas; this is detailed in our Privacy Policy.)

πŸ›‘οΈBuilt on independently-audited infrastructure

LSbroker runs on established providers that are independently audited and certified to recognised security standards. We inherit and build on those controls:

ProviderRoleIndependent certifications
Supabase Database, authentication & hosting (Sydney region) SOC 2 Type 2, ISO 27001 Β· supabase.com/security
Vercel Website & application hosting / delivery SOC 2 Type 2 Β· security.vercel.com
Stripe Subscription billing & payments PCI DSS Level 1, SOC 2 Type II, ISO 27001 Β· stripe.com/security
Resend Lead-notification & account email delivery SOC 2, GDPR Β· resend.com/security
To be precise: these certifications are held by the named providers. LSbroker is built on this certified infrastructure β€” we don't claim to independently hold these certifications ourselves.

πŸ”’Encryption

Data is encrypted in transit using TLS, and at rest using strong encryption (AES-256) across our hosting and database providers. Connections to LSbroker and its calculators are served over HTTPS.

πŸ’³Payments β€” we never see your card

All subscription payments are handled directly by Stripe, a PCI DSS Level 1 certified payment processor (the highest level). Card details are entered into Stripe's secure systems β€” LSbroker never receives or stores full card numbers, which keeps that sensitive data out of our environment entirely.

πŸ“ŠYour data, used only to run the service

🚨Data breach response

We comply with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth). If an eligible data breach affecting personal information were to occur, we are committed to notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by law.

🀝For brokers β€” data handled on your behalf

Enquiry information submitted through your branded calculator belongs to you. We process and store it on your behalf to deliver the service, with access protected by row-level security so each broker can only ever see their own leads. Lead details are made available to you in your secure, login-protected dashboard; our email notifications simply tell you a lead has arrived and deliberately do not contain the enquirer’s contact details or calculator results, so personal information is never exposed in inboxes or mail logs. This is designed to support your own obligations under the Australian Privacy Principles. If you need a written data-processing statement for your records or your own compliance, contact us.

βœ‰οΈQuestions

Security or data questions, or a request for documentation? Email admin@lsbroker.com.au.