Security

A secure environment for your data

From data storage to office access, we follow strict security protocols and comply with international standards to ensure all our client’s information is safe at all times.

Get a demo

Certifications

Rydoo features industry-standard certifications to guarantee systems, payment and data security.

ISO 27001
SOC 2 Type 2
PCI DSS

Security Controls

All integrations

Rydoo ensures data protection in transit by using at least TLS v.1.2. Data at rest is encrypted with AES TDE.

Access Management

Multi-factor authentication is mandatory for all Rydoo employees and contractors. Access is granted based on the “least privilege” and “need-to-know” principles.

Data Residency

Rydoo is fully compliant with GDPR. All data entered into our application is securely stored within Microsoft Azure data centres located in the EU and meets strict security requirements.

Data Backup and Disaster Recovery

We perform incremental and full daily backups and regularly restore data for testing purposes. Our disaster recovery plan is developed and tested annually. Our RPO and RTO are strictly defined in a contract.

Penetration testing

Every year, Rydoo conducts penetration testing and vulnerability assessments to identify and address security weaknesses.

Vendor Risk Assessment

We regularly conduct Vendor Risk Assessments to safeguard customer data. Evaluating vendors helps us make informed decisions, reduce risks, and enhance protection.

Incident Response and Reporting

We have a documented and tested Incident Response Process, which enables efficient incident response and recovery.

Data Minimization

Rydoo only collects and processes data that is necessary to provide its services. Our data minimization approach reduces the risk of exposure for our clients.

Employee Training and Awareness

We have comprehensive employee data security and privacy training powered by KnowBe4. Well-trained staff are absolutely essential for the protection of our data.