Encryption
AES-256 / TLS 1.3
SOC 2
Type II in progress
GDPR
Compliant
HIPAA
BAA on Enterprise
SSO
SAML · OIDC · SCIM
Uptime
99.9% SLA
Data residency
US · EU
Backups
Hourly · 30-day
Our security approach
Revenue Defenders is built for service businesses that hold customer payment information, dispute evidence, and communication records. We take a defense-in-depth approach: every request is authenticated and tenant-scoped, data is encrypted in transit and at rest, and our AI features are designed so that no customer PII is sent to model training.
We do not claim certifications we have not yet achieved. Where work is in progress, we say so clearly below.
Data hosting
- Host:Render (US region — Oregon). Database and web service run on Render's managed infrastructure.
- Database encryption:Postgres data encrypted at rest by the cloud provider. Backups are encrypted.
- Transport:All traffic served over TLS 1.2+. HTTP connections are redirected to HTTPS.
- Database access:Direct database access is not exposed publicly. All reads/writes go through the application layer.
Authentication
- Passwords:Hashed with bcrypt at cost factor 12. Plaintext passwords are never stored or logged. Minimum 12 characters with common-password blocking.
- Passkeys / WebAuthn:Sign in with Face ID, Touch ID, or hardware security keys. Phishing-resistant and passwordless.
- 2FA / TOTP:Two-factor authentication available via any authenticator app. Mandatory for account owners.
- Device sessions:View, manage, and revoke all active sessions from any device.
- Brute-force protection:Progressive lockout after failed attempts with automatic email alerts to the account holder.
- Login anomaly detection:Automatic alerts when a sign-in is detected from a new device or geographic location.
- Session cookies:httpOnly, SameSite=Lax, Secure flags set. Sessions are short-lived and invalidated on logout. Token rotation after privileged actions.
- Password resets:Signed tokens with a short expiry. Tokens are invalidated after use.
Tenant isolation
- Per-request enforcement:Every API route validates the session and scopes all database queries to the authenticated tenant. Cross-tenant data access is not possible through the application.
- Role-based access:Owner, admin, and member roles restrict which actions each user can take within a tenant.
- Audit logging:All significant actions are logged with actor, entity, IP address, and timestamp. Logs are accessible by account owners from Settings → Activity.
- Impersonation:Platform admin impersonation is logged separately and visible to the affected tenant owner.
AI privacy
AI features (lead intent, dispute narrative, follow-up drafts, onboarding copilot, scan summary, finding explainer) are optional and can be disabled per tenant from Settings → AI.
What we send to OpenAI
- Anonymized scan signals (revenue gap categories, severity counts)
- Lead status labels and engagement signals (PII stripped)
- Non-identifying dispute metadata (category, amounts, dates)
- Your tenant’s selected brand voice and business type
- Evidence item categories and titles (no raw content)
What we do NOT send
- Customer names, emails, or phone numbers (auto-stripped by PII filter)
- Full lead conversation bodies (only anonymized excerpts)
- Payment card data, bank details, or SSNs
- Raw dispute evidence documents
- Your account credentials or API keys
PII protection
- All user-provided text (lead messages, dispute reasons, evidence notes) is processed through an automatic PII stripper before being sent to any AI model.
- Email addresses, phone numbers, credit card numbers, and SSN patterns are replaced with safe placeholder tokens (e.g., [EMAIL_REDACTED]).
- Injection attempts are detected and sandboxed — user content is wrapped in untrusted tags so the AI model treats it as data, not instructions.
- AI outputs are post-checked for safety violations before being displayed.
Opt-out
You can disable all AI features at any time from Settings → AI by toggling “AI features enabled” off. When disabled, all AI-powered outputs revert to deterministic rule-based alternatives. No data is sent to any AI provider while AI is disabled.
We use OpenAI’s API with the zero-data-retention option where available. We do not opt into OpenAI’s model training using your data.
Incident response
- Contact:security@revenuedefenders.com
- Response window:24 hours for critical, 72 hours for standard
- Breach notification:We will notify affected customers within 72 hours of confirming a data breach, per GDPR Article 33 obligations.
- Status updates:Real-time incident updates are posted at /status.
Subprocessors
We use the following third-party services to deliver the platform. Each one has its own security and privacy documentation linked below.
| Provider | Purpose | Region | Security docs |
|---|---|---|---|
| Render | Application hosting and managed Postgres database | US (Oregon / Frankfurt) | View ↗ |
| Stripe | Payment processing and subscription billing | US / EU | View ↗ |
| Twilio | SMS and voice call delivery for lead recovery automations | US / EU | View ↗ |
| Resend | Transactional email delivery | US | View ↗ |
| OpenAI | AI-assisted features (when enabled by tenant) — see AI Privacy section | US | View ↗ |
| Sentry | Error monitoring and performance observability | US | View ↗ |
| PostHog | Product analytics (anonymized usage events) | US | View ↗ |
Compliance roadmap
We only list standards we are actively working toward or have implemented. We do not claim certifications we have not obtained.
SOC 2 Type I
Controls documentation and readiness review in progress. Audit not yet completed.
GDPR — Right to Deletion
Tenant deletion request triggers a 30-day grace period followed by permanent data removal.
GDPR — Data Export
Full data export available on request from account settings.
GDPR — Data Processing Agreement
DPA template in legal review. Available upon request in the meantime.
CCPA Compliance
Privacy policy updated; automated deletion flow covers CCPA removal rights.
Vulnerability disclosure
We welcome responsible disclosure of security vulnerabilities. If you discover a potential security issue, please report it to security@revenuedefenders.com. Please do not publicly disclose the issue before we have had a chance to investigate and respond. We aim to acknowledge reports within 24 hours and provide a resolution timeline within 5 business days.
We do not currently operate a formal paid bug bounty program, but we recognize and appreciate security researchers who disclose responsibly.