FAQ

Compliance

Scroll

← All questions

Is our data secure? What certifications do you hold?
Sweet is SOC 2 Type 2 certified, runs annual penetration testing, and encrypts data both at rest and in transit. Each customer's data sits in a segregated database, so your information is isolated from everyone else's.
Who can see our borrowers' data?
Your data is yours. It is encrypted and stored in a dedicated, segregated database for your institution, so it is not pooled with other customers. The team comes from a fintech and banking background and treats data security as a top priority, not an afterthought.
Can we control what the borrower sees, or keep things internal (e.g., not expose pricing/eligibility)?
Yes. Eligibility, pricing, and decisioning can be kept internal to the loan officer, and lenders can self-restrict what borrowers can do.
Do you generate loan documents and disclosures?
Yes — custom document generation works alongside the lender's disclosure vendors where required.
Is e-signature embedded and tamper-proof? Can we put an NDA first, and how is signing/vaulting handled?
Embedded e-sign with HSM tamper-sealing (same SDK family as DocuSign) with two signature options. An NDA can be the first gating task, and the platform integrates with e-vaulting (eOriginal/Wolters Kluwer) for authoritative copies.
How is our customers' data protected?
Sweet is SOC 2 Type 2, runs end-to-end encryption, uses multi-tenant data segregation, and hosts on AWS.
Can you pull financials from other institutions (Plaid) and verify identity?
Yes — connectors for financial data, plus multiple ID-verification options (SMS/carrier PII, driver's-license scan, KBA).

See the platform on your own book of business.

A working demo with your loan programs, your documents, and your workflow — not a slide deck.