Security & Compliance

Enterprise-Grade Security

Your data security is our top priority. Learn how Rally protects your customer information with industry-leading security practices.

🔒
256-bit SSL
All data encrypted
🛡️
Role-Based Access
Fine-grained permissions
💳
Stripe Payments
Secure payment processing

Security Features

Data Encryption

All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Your customer information is always protected.

Multi-Tenant Architecture

Each tenant's data is logically isolated. Our database design ensures your data never mixes with other customers' data.

Secure Authentication

Password hashing with bcrypt, JWT tokens with expiration, and optional two-factor authentication for enhanced security.

Role-Based Access Control

Fine-grained permissions ensure team members only access the data they need. Admin, user, and custom roles available.

Audit Logging

Comprehensive audit trails track all user actions, data changes, and administrative activities for compliance and security monitoring.

Secure Payments

All payment processing is handled securely through Stripe. We never store raw credit card numbers on our servers.

Our Security Commitments

🔐

Data Encryption

All data is encrypted at rest and in transit. We use industry-standard encryption to protect your information at every layer.

  • ✓ AES-256 encryption at rest
  • ✓ TLS 1.3 in transit
  • ✓ Encrypted backups
  • ✓ Secure key management
🛡️

Access Control

Fine-grained role-based access control ensures team members only see what they need. Full audit trails for every action.

  • ✓ Role-based permissions
  • ✓ Multi-tenant isolation
  • ✓ Comprehensive audit logs
  • ✓ Secure authentication (JWT)
💳

Payment Security

All payment processing is handled by Stripe. We never store credit card numbers on our servers.

  • ✓ Payments via Stripe
  • ✓ No card data stored
  • ✓ Secure checkout
  • ✓ Encrypted billing data

Data Protection Practices

Regular Backups

Automated daily backups with point-in-time recovery. Your data is backed up across multiple geographic locations for disaster recovery.

Incident Response

Dedicated security team monitors systems 24/7. Rapid incident response procedures ensure quick containment and notification if issues arise.

Penetration Testing

Regular third-party security assessments and penetration testing identify and address vulnerabilities before they can be exploited.

Employee Training

All employees undergo annual security awareness training and background checks. Access to production systems is strictly controlled.

Vulnerability Management

Continuous scanning for security vulnerabilities, automated dependency updates, and patch management keep systems secure.

Secure Development

Security is built into our development process with code reviews, static analysis, and security testing before deployment.

Keeping Your Account Secure

Best Practices

  • • Use strong, unique passwords
  • • Enable two-factor authentication
  • • Don't share login credentials
  • • Log out from shared devices
  • • Keep your email secure
  • • Review access logs regularly

Your Responsibilities

  • • Maintain password confidentiality
  • • Report security concerns promptly
  • • Only collect data you need
  • • Obtain proper consent
  • • Follow data retention policies
  • • Comply with applicable laws
🔐

Found a Security Issue?

We take security seriously. If you discover a vulnerability, please report it responsibly.

Email us at:

security@rallycrm.io

Security Questions?

Need security documentation for your compliance review? Contact us and we'll be happy to answer your questions.

Contact Security Team

Trust Rally with Your Customer Data

Encryption, access control, audit logging, and a commitment to keeping your data safe. Start your secure trial today.

Start Secure Free Trial

Rally Support

We typically reply in a few hours

Hi! 👋 How can we help you today?