We use proven encryption protocols whenever your data is transferred over open networks. We encourage you to send your data through encrypted protocols including SSH, SSL, or a VPN, and we will only serve your data back over SSL.
Our data centers are protected by electronic security and intrusion detection systems and a 24/7/365 human staff.
Our operating systems and other software are kept up to date with the latest security patches. Our network is protected by dedicated firewall services to prevent unauthorized access, and our systems regularly undergo automated vulnerability scans.
New features undergo a security review by our team before release, and the security professionals at ^Lift Security perform regular audits and penetration tests on our existing systems.
We never analyze sensitive data like payment details. We encourage you to restrict our access to this data, but even if you do not, we will not transfer it to our systems or anywhere else. You can decide what - if any - personally identifiable information you want to share with us for analysis.
Your password is stored using a secure cryptographic hash. Your payment information is transmitted, stored and processed on a secure PCI-compliant network, and is never stored on our servers. When you provide us credentials to access other systems, we encrypt them before storing.
If you believe you’ve found a security vulnerability in RJMetrics, we encourage you to let us know right away by emailing firstname.lastname@example.org (optionally using our PGP key). We request that you do not publicly disclose the issue until we have a chance to address it and will not pursue legal action as long as you make a good-faith effort to avoid privacy violations and destructive exploitation of the vulnerability.
We will respond as quickly as we can and reward the confidential disclosure of any design or implementation issue that could be used to compromise the confidentiality or integrity of our users' data (such as bypassing our login process, injecting code into another user's session, or acting on another user's behalf) with some swag. Other issues may be rewarded at our discretion.