Trust + compliance
Short version: we follow the same security practices banks and large software companies do. The technical paperwork is one email away — write partners@sponsornote.com and we'll send it.
Your information stays private
Everything you send to us is encrypted on the way in and stored in encrypted form. Passwords, sign-in links, and partner keys are scrambled in a one-way process — once they're saved, not even our own staff can read them back. Credit card numbers never touch our systems at all: payments go directly through a bank-grade payment processor that meets the highest industry standard.
Your data is safe and separated
Your information lives on professionally-managed servers with daily backups, so nothing is lost if something goes wrong. Every program's and sponsor's data is walled off from everyone else's — when you sign in, you only see what belongs to you, and that boundary is enforced on our servers, not in the browser.
Only the right people see the right things
Different roles get different screens. Platform admins, athletic directors, sponsors, coaches, compliance officers, and booster volunteers each see only what their job needs. Keys we hand out to partner platforms are locked to a single account and double-checked on every request — and they can be turned off instantly.
Paperwork for your IT or procurement team
If your IT or compliance office needs more detail, we have a standard security packet ready to go — including our data-processing agreement, list of vendors we use, and a security questionnaire. Emailed within one business day; enterprise customers get it bundled with their contract.
Sign in with your company's existing login
Larger sponsors often need their staff to sign in with their company's existing login system — Google Workspace, Microsoft, or any standard single sign-on (SSO) provider. We turn this on per customer; coordinate with your IT team via the enterprise contact.
If something goes wrong, you'll know fast
We're committed to telling enterprise customers within 72 hours if their data is confirmed to be affected by an incident. We're also working toward SOC 2 Type II (target Q4 2026) — the standard audit that software companies pass to prove they take customer-data security seriously.
Need the detailed paperwork?
For IT, procurement, or your school's compliance office — emailed within one business day.