We stand behind this commitment to the customers we serve.

There are many benefits of adopting a software-as-a-service ('SaaS') solution. These solutions are greener and more efficient than maintaining on-site hardware/software supported by your own IT resources. Delivering these benefits to LoanLogics customers also includes a responsibility for us to ensure the security and compliance of our solutions.

To that end, LoanLogics has put in place a secure technology environment to support our SaaS applications. Account, user and borrower information is protected through the combination of system security, data security, privacy policies, and user management settings.

• Our systems are secured through advanced firewall technology. data transmission encryption and intrusion detection technology. Dedicated infrastructure and full redundancy provide the application availability our customers expect.
• Information protection is a high priority and is addressed through policies and system settings. Our Information Security Policies cover our security practices in connection with the use of our hosted software applications and related support services, including professional services and trainings that we provide to customers. Our Information Security Policies also describe our controls designed to protect information provided by clients from unauthorized use or disclosure.
• Password management and logout settings are key aspects of system security that are in our customer's complete control. You can define the minimum length and character requirements associated with user passwords. And, password expiration intervals and the number of invalid password attempts for user lock-out are all customizable.

Loan Logics also has a rigorous commitment to compliance that aligns with our customer's need to address their own highly regulated environments. The protection and storage of highly confidential information is supported by:

• Highly resilient architecture utilizing multiple Amazon availability zones.
• Regulatory compliance, independent validation of controls and continuous control monitoring.
• Business Continuity Plans and Responsive Service Escalation Plan to support customer SLAs.
• Ongoing security program including 3rd-party penetration testing.