Reordinal maintains administrative, technical, and organizational safeguards designed to protect personal data processed through the Service. No system is perfectly secure, and customers are responsible for using the Service in a secure manner — managing their own users, access permissions, devices, and internal policies.
Our security measures
- Encryption in transit (TLS/HTTPS) for all traffic
- Encryption at rest where supported by infrastructure providers
- Role-based access controls and least-privilege internal access
- Authentication controls and short-lived JWT sessions
- Audit logs and data export logging
- Production access restrictions and monitored deploys
- Backup procedures and tested incident response
- Vendor and subprocessor security review
- Continuous logging and error monitoring
- Internal confidentiality obligations for personnel
Where Customer Data is hosted
Primary production data is stored in the United States on Google Cloud Platform and Amazon Web Services. See the Subprocessors page for the full list of providers we rely on.
Reporting a security issue
If you believe you have found a security vulnerability or want to report a concern, email contact@reordinal.com. Please include enough information for us to reproduce the issue. We do not authorize customer-initiated penetration tests, vulnerability scans, or onsite inspections without prior written approval.
Security incidents
We notify affected customers without undue delay after confirming a security incident that affects Personal Data processed on their behalf, in line with our Data Processing Addendum.