Security

Updated: 04/15/2022

 

Security is our absolute highest priority. In the spirit of openness and transparency, here are some of the security measures we take to protect and defend the Review Avenger platform.

We Protect Your Data

All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.

Your Data is Sent Using HTTPS

Whenever your data is in transit between you and us, everything is encrypted, and sent using HTTPS. Within our firewalled private networks, data may be transferred unencrypted.

Our application databases are generally not encrypted at rest — the information you add to the applications is active in our databases and subject to the same protection and monitoring as the rest of our systems.

Full Redundancy for all Major Systems

Our servers operate at full redundancy. Our systems are engineered to stay up even if multiple servers fail.

Hosted on Amazon Web Services

Review Avenger is hosted on Amazon Web Services. Our database is managed by RDS, ensuring redundancy, high availability and trustworthy automated, encrypted backups.

Amazon Web Services is certified for a growing number of compliance standards and controls, and undergo several independent third party audits to test for data safety, privacy, and security. Read more about the specific certifications on the AWS compliance page.

We Protect Your Billing Information.

All credit card transactions are processed via Stripe using secure encryption—the same level of encryption used by leading banks. Card information is transmitted, stored, and processed securely on a PCI-Compliant network.

Constant Monitoring

We have a team dedicated to maintaining your account’s security on our systems and monitoring tools we’ve set up to alert us to any nefarious activity against our domains. To date, we’ve never had a data breach.

We also audit internal data access. If an employee wrongly accesses customer data, they will face penalties ranging from termination to prosecution. Again, to our knowledge, this hasn’t happened.

We have processes and defenses in place to keep our streak of 0 data breaches going. But in the unfortunate circumstances someone malicious does successfully mount an attack, we will immediately notify all affected customers.

Need to Report an Incident?

Have you noticed abuse, misuse, an exploit, or experienced an incident with your account? Please email us to submit a report: [email protected]