Version: 20250304.1
Our Approach to Security & Compliance
At EarnUp, compliance and security are fundamental to our operations. We recognize the critical importance of meeting regulatory requirements and safeguarding customer data. Our robust compliance framework ensures our services adhere to the highest industry standards, providing peace of mind for our customers.
For access to our compliance documentation, including system descriptions, please contact our compliance team at compliancereports@EarnUp.com. Documentation is available under a Non-Disclosure Agreement (NDA).
Compliance Certifications
SOC 2 Type II Compliance
EarnUp undergoes independent third-party audits to validate our adherence to industry-leading security and compliance controls.
- SOC 2 Type II: Our SOC 2 Type II report provides assurance regarding the effectiveness of our security, availability, and confidentiality controls. This report is available upon request at compliance@earnup.com.
Policies & Procedures
To uphold compliance and security standards, EarnUp has implemented a comprehensive set of policies and procedures, including:
- Information Security Policy
- Acceptable Use Policy
- Code of Conduct
- Employee Background Checks
- Endpoint Encryption for Company-Issued Devices
- Release & Change Management Procedures
- Access Provisioning, Termination, and User Access Reviews
- Incident Response Plan
- Business Continuity & Disaster Recovery Plan
- Penetration Testing Program
- Breach Notification Policy
- Cloud Security Alliance CAIQ
Security at EarnUp
The security and privacy of customer data are our top priority.
Sub-Service Provider Management
EarnUp conducts an annual security review of its critical sub-service providers. If material risks are identified, we work closely with providers to mitigate potential impacts and track remediation efforts to resolution.
Security Incident Reporting
We encourage responsible disclosure—if you identify a potential security incident, please submit a summary report to security@EarnUp.com. Our Information Security team will assess the report and follow up as needed.
Encryption Standards
EarnUp enforces industry best practices for data transmission and storage:
- Data Transmission: All data is transmitted using Transport Layer Security (TLS).
- Data Storage: Customer data is stored in a SOC 1 Type II, SOC 2 Type II, and ISO 27001 certified data center, encrypted at rest using AES-256 encryption.
- Access Controls: Data access is authenticated per session request, with security measures that include, but are not limited to, multi-factor authentication (MFA).
Audit Trails
A non-editable audit trail records every action on customer data, ensuring transparency and accountability with detailed time-stamped logs.
Infrastructure Security
EarnUp leverages Amazon Web Services (AWS) for secure infrastructure hosting within the U.S. Our security measures include:
- AWS Web Application Firewall (WAF)
- AWS Macie & GuardDuty for threat detection
- Virtual Private Cloud (VPC) & Security Groups
- Disk-Level Encryption
Dedicated Security Team
EarnUp has a formal Security, Compliance, and Privacy Program led by dedicated security professionals who ensure ongoing compliance with industry standards.
Employee Security & Awareness
All employees undergo comprehensive background checks and receive annual security awareness training to reinforce a culture of security and compliance.
Privacy Commitment
Protecting your personal information is a core commitment at EarnUp.
- Our Privacy Policy outlines how we collect, use, and protect customer data.
- Independent third-party auditors assess our security and confidentiality controls annually. Reports are available upon request, subject to an NDA.
- To report a privacy-related concern, contact us at privacy@EarnUp.com.
Data Deletion & Destruction
EarnUp reviews data deletion or expungement requests on a case-by-case basis, ensuring compliance with legal and business requirements. To initiate a request, contact our support team.