SunComply helps Florida restaurant owners protect their businesses from compliance risk. We take the same care with your data that we ask you to take with your licenses. This page explains how we protect your information, what happens if something goes wrong, and what you can always count on — in plain English.
You can export everything in your SunComply account to CSV at any time, on any plan, with one click. No "contact support to request your data." No waiting period. No lock-in. If you ever decide SunComply isn't for you, you walk away with everything you put in.
Every connection between your browser and our servers is encrypted using TLS 1.2 or TLS 1.3. Older, insecure protocols (SSLv3, TLS 1.0/1.1) are disabled. Certificates are auto-rotated and validated via Let's Encrypt.
All stored data — including uploaded documents and saved credentials — is encrypted at rest using AES-256, the same standard required by HIPAA, FISMA, and U.S. government classified data. Encryption keys are managed separately from the data they protect.
Payments are processed exclusively by Stripe, which holds PCI-DSS Level 1 certification — the highest level in the Payment Card Industry standard. Card data never touches our servers. We store only a Stripe-issued token.
Our application runs on cloud infrastructure that maintains SOC 2 Type II certification, with independent third-party audits covering security, availability, and confidentiality controls. Data is hosted in U.S.-based data centers.
Every user's data is isolated at the database level using row-level security (RLS) policies. No query — even internally — can return data across account boundaries. Access is enforced by the database engine, not just application logic.
Database backups run continuously with point-in-time recovery (PITR) support. In the event of data loss or corruption, we can restore to any point within the retention window — typically 7 days.
If we discover a security incident that affects your data, we will notify you within 72 hours. This matches the strictest data protection standards and reflects our commitment to transparency.
Like any web service, SunComply occasionally experiences downtime for maintenance or unexpected issues. We work to resolve these quickly and communicate openly when they happen.
SunComply is built and maintained by a small, focused team. We're committed to being here for the long haul — but we also believe in being honest about what that means.
Our commitment to you: If SunComply ever needs to discontinue service, we will provide at least 90 days' advance notice and ensure every user has the opportunity to export their complete data before any service ends. Your compliance history, documents, and records will always be retrievable.
This is our standing policy, not a contractual SLA — but it's a commitment we take seriously and one we publish openly so you can hold us to it.
We want to be straightforward about this:
SunComply is a tracking and reminder tool designed to help you stay organized and ahead of renewal deadlines. We research and surface compliance requirements from official Florida government sources, and we work hard to keep that information accurate and current.
However, the ultimate responsibility for compliance rests with the business owner. Regulations change, local requirements vary, and authorities have the final say. SunComply is designed to make compliance dramatically easier — not to replace your own due diligence or professional advice when you need it.
For questions about specific legal or regulatory obligations, we always recommend consulting directly with the applicable Florida state agency, your local authority, or a qualified professional.
If you have questions about security, your data, or anything else on this page, email us at support@suncomply.com. We respond to every message personally.
Last updated: April 9, 2026 · Privacy Policy · Terms of Service