Data security and privacy

The security and privacy of your data is very important to us. We use various techniques to protect it, including human processes and technical measures. We do not (and will not) share your data with any third parties beyond the minimum required by law, nor do we use your data for any purpose beyond providing our service to you.

Your data in Rotabull is only accessible to other team members in your company who have been invited by you to your Rotabull account.

More info on our legal policies can be found in our Privacy Policy.

Encryption

Connections to Rotabull (from your web browsers) are encrypted using bank-grade encryption and authenticated using a strong protocol (TLS 1.2 or 1.3), a strong key exchange, and a strong cipher.

Rotabull only works over HTTPS, so you can be sure that your data remains safe and can be accessed securely even from potentially insecure, public wi-fi locations.

Internal practices

Only a few members of our team can see your data, and only for specific allowed purposes such as diagnosing a technical issue with your account.

External applications that house sensitive customer data are accessible only via single sign-on, or using multifactor authentication.

Your data in integrated applications

We take extra precautions specifically around the security of integrations in Rotabull. For example, your integration credentials are encrypted, with the data and keys stored in secure configuration in a separate environment. Rotabull syncs only data necessary for our application's functionality, and logs all activity related to integration activity for incident investigation.

ERP connections

  • We use customer-provided credentials to access the ERP database via internal LAN. These credentials are encrypted in transit and at rest (256-bit AES), using secret keys unique to each customer.
  • We use the official Oracle- and Microsoft-provided data access tools (e.g., Managed ODP.Net driver).
  • All communication to Rotabull's servers is encrypted using HTTPS.

Our reputation depends on us taking your data security and privacy extremely seriously. No third parties have access to your integration data, e.g., from your ERP.

Security vulnerabilities

Rotabull pays careful attention to security practices in developing our application. If you believe you have found a security vulnerability, please visit our Security Vulnerability Disclosure page.