Security Policy

Updated on June 12, 2024

Rabbiit uses corporate resources and practices to keep our clients' data secure, confidential, and available.

Privacy

Rabbiit cares deeply about the privacy of its users. For more details on how we collect, use, store, and share your personal information, please see our Privacy Policy.

Confidentiality

Rabbiit applies strict access controls to our clients' data and works to ensure that client data is not viewed by anyone who should not have access to it.

To keep the system running properly, develop improvements, and create new Rabbiit services, some team members have permission to access client data storage and processing systems. For example, this permission may be used to investigate an issue with Rabbiit services that affects client accounts. These team members are prohibited from using the permission to read client data for purposes other than those mentioned above.

Rabbiit uses data storage infrastructure shared among clients; to ensure data isolation we use security technology from data management providers, such as segregation through isolated database schemas and/or row-level security in the database. To access client information, in addition to access permission, it is necessary to have each client's access credentials. This way we mitigate the risk of accidental data leakage between client accounts and increase the level of access control.

Encryption in data transmission

Our software uses the SSL security protocol, a global standard in security technology that encrypts your information so that all data exchanged between our server and your browser remains confidential and secure.

Password encryption

Your passwords used in Rabbiit are kept fully confidential. Each password is transformed and encrypted into a unique token that cannot be reversed, and only this token is stored in our database. Your password will not be known even by our team members with permission to access data storage.

Availability

We know that our clients expect software that is always available when they are working and that is fast. We apply our efforts to offer high-availability services, available 24 hours a day, 7 days a week, with stable speed. We run Rabbiit on robust, scalable, fault-tolerant infrastructure services. We have a clear disaster recovery plan and qualified professionals to resolve any issues.

Check the current service status and availability history on the Status page.

Disaster recovery

Client data is stored and our source code is hosted both redundantly within secure data centers offered by Amazon through Amazon Web Services (AWS) technology, with automatic restorations applied in case of interruptions by our infrastructure management platform.

As a contingency measure, we work with backup and restoration procedures that are effectively tested. Client data is automatically copied daily and our source code is replicated to our code repository with every update.

Report a vulnerability

If you believe you have found a security vulnerability in Rabbiit, please contact us at suporte@rabbiit.com.