Sign in

Security at Retro Rabbit

Your security and privacy are our top priorities

Data Protection

All data in Retro Rabbit is encrypted both in transit and at rest. We use industry-standard TLS (Transport Layer Security) for all data in transit, and AES-256 encryption for data at rest.

Your retrospective data is stored in secure, SOC 2 compliant data centers with 24/7 monitoring and multiple layers of physical and network security.

Authentication & Access Control

We support Single Sign-On (SSO) integration for Enterprise customers, allowing you to use your organization's identity provider for secure authentication.

We do not store any passwords in our system. Instead, Retro Rabbit relies exclusively on secure third-party authentication providers such as Google and Slack to handle user authentication.

To further enhance security, we encourage enabling two-factor authentication (2FA) through these trusted providers, offering an additional layer of protection for your account.

Infrastructure Security

Our infrastructure is hosted on AWS, leveraging their world-class security features and compliance certifications.

We employ multiple security layers including:

  • Regular security audits and penetration testing
  • Continuous monitoring for suspicious activities
  • Automated vulnerability scanning
  • Regular security patches and updates
  • Network segmentation and firewalls

Data and Data Retention

Your company's data and retrospective notes are securely protected within the Retro Rabbit platform. Access to your data is limited exclusively to your company's employees. Retro Rabbit enforces strict access controls, ensuring that only one or two authorized database administrators can access company-related data when necessary. For enterprise customers, we offer the option to establish non-disclosure agreements (NDAs) between Retro Rabbit LLC and the customer to further enhance data security and confidentiality.

Data is retained for 90 days after account deletion, providing businesses with a sufficient window to reactivate their accounts if needed. After this 90-day period, all customer data is permanently deleted from the Retro Rabbit system.

Payment Processing and Security

Retro Rabbit partners with Stripe to handle payment processing. As a globally trusted payment provider, Stripe is renowned for its robust security measures and is used by millions worldwide. With Stripe, your payment information is safeguarded by industry-leading security standards. For more details on how Stripe manages and protects your data, please refer toStripe's security documentation.

Incident Response

We have a comprehensive incident response plan in place to quickly address any security concerns. Our team is available 24/7 to respond to security incidents.

In the event of a security incident, we commit to:

  • Prompt notification to affected customers
  • Transparent communication about the incident
  • Quick remediation of security issues
  • Post-incident analysis and preventive measures

Employee Security

All Retro Rabbit employees undergo:

  • Background checks
  • Regular security training
  • Compliance with security policies
  • Strict access control based on role

Contact Security Team

For security-related questions or to report a security concern, please contact our security team at support@retrorabbit.io