Home » Security Policy
As a SaaS platform provider, it is our duty that your business data is handled with the strictest safety standards. Our enterprise-grade compliance standards ensure that your data is always safe.
- Rivery applications and processes use only secured and encrypted data communication from internal and external sources. All of our sources are based on secure options of connectivity, such as SSL, TLS, SSH Tunneling, and HTTPS.
- Data is retained no longer than insurance of success loading and maintaining the pipelines.
- Rivery asks for the minimal permissions in order to connect the sources and targets and connects using the best practices and most secure way by each source requirements.
- Rivery environments run over it’s Virtual Private Cloud (VPC). The processes run over private subnet, separated from the public internet by NAT architecture.
- Rivery environments are hosted on Amazon Web Services, which assures their physical and virtual resources are compliant with the highest standards such as SOC 1,2,3, HIPAA, and GDPR.
EU Data Privacy and GDPR
Rivery is in full compliance with the European Union’s Global Data Protection Regulation (GDPR).
SOC 2 – Type II
Rivery has been independently audited against SOC 2. Developed by the American Institute of CPAs (AICPA), SOC 2 is specifically designed for service providers storing customer data in the cloud. SOC 2 defines criteria for managing customer data based on principles of security, availability, processing integrity, confidentiality and privacy.