SOC 2 Type II and ISO 27001 certifications held by underlying enterprise infrastructure. Optional HIPAA add-on for Australian healthcare clinics. AES-256 encryption, TLS 1.3 in transit, annual penetration testing, and Just-In-Time access controls.
revenu runs on enterprise infrastructure that holds independently audited security and compliance certifications. Below is the real, current state of how your information is protected. No marketing fluff. No hedge language. Verifiable facts you can show your accountant or your IT person.
These are the credentials our enterprise infrastructure provider holds. They are the real ones. Externally audited, not self-claimed.
Certified March 2026. Covers Security, Confidentiality, and Availability trust service criteria. Type II means controls have been operating effectively over time, not just at a single point.
Certified to the international standard for information security management systems. Covers policy, risk assessment, controls, and continual improvement.
A general-use version of the SOC 2 report, available publicly on request. Useful when your own clients or auditors need a summary attestation.
Certified to the EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Frameworks. Provides a recognised legal basis for transferring personal data from those regions.
Standard Contractual Clauses, Data Processing Agreement, and sub-processor list available. Data subject rights are supported including export, correction, and deletion.
A paid HIPAA add-on is available for clinics handling protected health information. Includes Business Associate Agreement, encryption of ePHI, audit logging, and enforced multi-factor authentication. Talk to Adam if you need this enabled.
TLS 1.2 or 1.3 with 2048-bit keys for data in transit. AES-256 for data at rest. Encryption keys managed in a hardened Key Management System and rotated on schedule. User passwords are hashed and encrypted at rest.
Role-based access. Admins control what each user can see and do. Two-factor authentication is available for all users and can be enforced account-wide. Password policy is fixed: minimum 8 characters, mixed case, numbers, and symbols.
Hosted on AWS and Google Cloud Platform. Multi-zone redundancy, hardened images, automated patching. Network segmentation with private subnets and strict change control. Configuration drift is auto-corrected within 30 minutes.
Continuous logging and real-time alerting for anomalies, error rates, abuse scenarios, and application attacks. Automatic responses include traffic throttling and process termination at predefined thresholds.
Daily encrypted backups with 7-day retention. Backups are protected by Write-Once-Read-Many controls and access restrictions. Recycle bin lets you recover deleted contacts, opportunities, fields, tags, and notes for 30 days. Pages and content can be reverted via version history.
Code reviews, static and dynamic analysis, and gated deployments. OWASP Top 10 protections, rate limiting, and DDoS safeguards. Annual penetration testing performed against applications and infrastructure by independent testers.
The things you can't see but should know about. These are the operational controls that protect your account from the inside, not just the outside.
When platform support needs to look at your account to help you, they request time-limited access through a Just-In-Time Access (JITA) model. Each request is logged. Access expires automatically after 24 hours.
Even with active JITA access, support staff cannot change SSO or domain settings, export contacts or users, view or create API keys, import CRM data, or delete contacts, deals, or tickets. These actions stay with you.
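To make the Just-In-Time Access model above concrete, here is an added illustration (hypothetical code written for this page, not the platform's own implementation) of the three properties the two paragraphs describe: every request is logged, a grant expires automatically 24 hours after issue, and a fixed set of owner-only actions is refused even while a grant is active. Staff IDs, account IDs, action names and the clock start are constructed sample values.

```python
"""Added illustration of a Just-In-Time Access (JITA) model: time-limited,
logged support access with owner-only actions that no grant can unlock.
Hypothetical code, not the platform's implementation."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

GRANT_TTL = timedelta(hours=24)  # the page states access expires after 24 hours

# Actions the page says stay with the account owner even under an active grant.
# Action names are constructed for this example.
OWNER_ONLY_ACTIONS = frozenset({
    "sso.change", "domain.change",
    "contacts.export", "users.export",
    "apikeys.view", "apikeys.create",
    "crm.import",
    "contacts.delete", "deals.delete", "tickets.delete",
})

# Constructed clock start so the example runs deterministically offline.
T0 = datetime(2026, 3, 1, 9, 0, tzinfo=timezone.utc)


def at(hours: float) -> datetime:
    """Return a timestamp `hours` after the constructed clock start."""
    return T0 + timedelta(hours=hours)


@dataclass
class Grant:
    grant_id: int
    staff_id: str
    account_id: str
    reason: str
    issued_at: datetime
    expires_at: datetime


@dataclass
class JitaStore:
    """Holds issued grants and an append-only audit log of every decision."""
    grants: dict = field(default_factory=dict)
    audit_log: list = field(default_factory=list)
    next_id: int = 1

    def _log(self, event: str, **details) -> None:
        self.audit_log.append({"event": event, **details})

    def request_access(self, staff_id: str, account_id: str,
                       reason: str, now: datetime) -> Grant:
        """Issue a grant that expires GRANT_TTL after `now`; the request is logged."""
        grant = Grant(self.next_id, staff_id, account_id, reason, now, now + GRANT_TTL)
        self.next_id += 1
        self.grants[grant.grant_id] = grant
        self._log("jita.request", grant_id=grant.grant_id, staff_id=staff_id,
                  account_id=account_id, reason=reason,
                  expires_at=grant.expires_at.isoformat())
        return grant

    def authorize(self, grant_id: int, staff_id: str, account_id: str,
                  action: str, now: datetime) -> tuple:
        """Decide whether `action` is allowed; every decision is logged."""
        grant = self.grants.get(grant_id)
        if grant is None or grant.staff_id != staff_id or grant.account_id != account_id:
            verdict = (False, "no matching grant")
        elif now >= grant.expires_at:
            verdict = (False, "grant expired")
        elif action in OWNER_ONLY_ACTIONS:
            verdict = (False, "action reserved for account owner")
        else:
            verdict = (True, "allowed under active grant")
        self._log("jita.authorize", grant_id=grant_id, staff_id=staff_id,
                  action=action, allowed=verdict[0], reason=verdict[1])
        return verdict


if __name__ == "__main__":
    store = JitaStore()
    g = store.request_access("support-42", "acct-7", "constructed reason", at(0))
    print(store.authorize(g.grant_id, "support-42", "acct-7", "contacts.view", at(1)))
    print(store.authorize(g.grant_id, "support-42", "acct-7", "contacts.export", at(1)))
    print(store.authorize(g.grant_id, "support-42", "acct-7", "contacts.view", at(24)))
    for entry in store.audit_log:
        print(entry)
```

The point worth checking in any real JITA system is the order of the checks: the owner-only list is consulted only after the grant has been matched to the requesting staff member and the target account and found unexpired, so a stale or mismatched grant is refused before the action is even considered, and the refusal still lands in the audit log.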
Platform employees go through third-party background checks before formal hire. All staff complete annual CyberSafety training including phishing awareness. Company laptops are MDM-managed with full-disk encryption.
Independent security testers run penetration tests against applications and infrastructure every year. Findings are tracked to closure with owners and timelines. This is in addition to continuous vulnerability scanning.
User logins, employee access, security activity, and content changes are all logged. Logs are indexed and retained for investigation and audit. Access to log storage is limited to a small subset of engineers.
The platform stores tokenized references to cards, not the card numbers themselves. When a card is saved, the raw number goes to the payment processor (Stripe, NMI, Authorize.net) which is PCI-DSS certified. The platform stores a token that points to the card at the processor, plus metadata like brand, last four digits, and expiry. Charging a saved card means asking the processor to charge that token. The raw card number never sits in the platform database. This is why the platform itself is not directly PCI-DSS certified at the highest tier. The processor handles the certified part, the platform handles the workflow part.
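The tokenization workflow in the paragraph above, as an added example that is not the platform's or any processor's code: a stand-in processor is the only party that ever holds the card number, the platform keeps a token plus brand, last four digits and expiry, and charging a saved card is a call against that token. The `pan_leak_scan` helper is a defensive check of the invariant the paragraph states, that no Luhn-valid card number ever sits in the platform's store. Class names, the token format and the test card number are constructed for this example.

```python
"""Added illustration of card tokenization as the page describes it: the
processor holds the PAN, the platform holds a token and metadata, and charges
reference the token. Hypothetical code, not the platform's or a processor's."""
import re
import secrets


def luhn_ok(digits: str) -> bool:
    """Standard Luhn check; used both to validate input and to detect leaked PANs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def detect_brand(pan: str) -> str:
    """Minimal brand detection from leading digits (illustrative, not exhaustive)."""
    if pan.startswith("4"):
        return "visa"
    if pan[:2] in {"51", "52", "53", "54", "55"}:
        return "mastercard"
    if pan[:2] in {"34", "37"}:
        return "amex"
    return "unknown"


class PaymentProcessor:
    """Stand-in for the PCI-DSS certified processor: the only place the PAN lives."""

    def __init__(self):
        self._vault = {}   # token -> PAN, inside the processor's certified boundary
        self.charges = []  # (charge_id, token, amount_cents)

    def tokenize(self, pan: str, exp_month: int, exp_year: int) -> dict:
        pan = re.sub(r"\D", "", pan)
        if not (13 <= len(pan) <= 19 and luhn_ok(pan)):
            raise ValueError("invalid card number")
        token = "tok_" + secrets.token_hex(6)  # constructed token format
        self._vault[token] = pan
        # Only the token and non-sensitive metadata are returned to the platform.
        return {"token": token, "brand": detect_brand(pan), "last4": pan[-4:],
                "exp_month": exp_month, "exp_year": exp_year}

    def charge(self, token: str, amount_cents: int) -> str:
        if token not in self._vault:
            raise KeyError("unknown token")
        charge_id = "ch_" + secrets.token_hex(6)
        self.charges.append((charge_id, token, amount_cents))
        return charge_id


class PlatformCardStore:
    """What the platform database holds per contact: token plus metadata, never the PAN."""

    def __init__(self, processor: PaymentProcessor):
        self.processor = processor
        self.saved = {}  # contact_id -> record returned by tokenize()

    def save_card(self, contact_id: str, pan: str, exp_month: int, exp_year: int) -> dict:
        self.saved[contact_id] = self.processor.tokenize(pan, exp_month, exp_year)
        return self.saved[contact_id]

    def charge_saved_card(self, contact_id: str, amount_cents: int) -> str:
        """Charging means asking the processor to charge the stored token."""
        return self.processor.charge(self.saved[contact_id]["token"], amount_cents)

    def pan_leak_scan(self) -> list:
        """Defensive check: report any stored field holding a Luhn-valid 13-19 digit run."""
        hits = []
        for contact_id, record in self.saved.items():
            for key, value in record.items():
                for match in re.finditer(r"\d{13,19}", str(value)):
                    if luhn_ok(match.group()):
                        hits.append((contact_id, key))
        return hits


if __name__ == "__main__":
    processor = PaymentProcessor()
    store = PlatformCardStore(processor)
    # Constructed test card number (Luhn-valid, not a real account).
    print(store.save_card("contact-1", "4242 4242 4242 4242", 12, 2028))
    print(store.charge_saved_card("contact-1", 1999))
    print("leaked PANs:", store.pan_leak_scan())
```

A scan like `pan_leak_scan` is the kind of control worth running over exports, logs and free-text fields as well as the card table, because the tokenization design only holds if the raw number never reaches the platform's storage by any path.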