Data Privacy & Security
Retain.ai takes security and privacy very seriously. As a Privacy Shield certified company, everything we do has been designed to ensure that we adhere to the highest standards.
Your data will be loaded onto servers maintained by Retain.ai, hosted on Amazon Web Services (PCI DSS, ISO 27001 compliant, Sarbanes-Oxley (SOX), SOC 1 and SOC 2/SSAE 16/ISAE 3402). Retain.ai follows all security best practices for protecting your data on these servers including:
AES-256 encryption of your data access credentials
HTTPS required to access our web interface
Retain utilizes OAuth and OpenID® for user authentication. We never have access to users Gmail™ or Salesforce® passwords.
Data Protection at Rest and in Transit
Your data is stored on AWS on an internal subnet that is not connected to the internet. We use security groups and IP permissioning to ensure only authorized machines can connect to the database.
Your data is always encrypted in transit. All activity in our dashboard is secured using TLS. When using APIs to integrate with other cloud providers (e.g., G Suite) only secure, HTTPS connections are used.