Security & Compliance - RepsMate - make interactions count

Security &

Compliance

Security Policy

The Highest Standard of Compliance

GDPR READINESS

RepsMate is committed to ensuring ongoing compliance with the General Data Protection Regulation (GDPR). With RepsMates’s GDPR-compliant flows you ensure that any meeting attendee is made completely aware of call recording and they also provide their explicit consent for it.

PRIVACY SHIELD

RepsMate complies with the EU-U.S. and Swiss-U.S. Privacy Shield Framework. This ensures that RepsMate maintains the highest standards in data protection when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.

Data Security

When you become a RepsMate customer, all your data is treated with the highest security standards. Any data as well as any connections you make while accessing RepsMate are completely secure.

Recordings, transcripts, and analytics are encrypted in transit with either TLS or HTTPS

All connections with the RepsMate platform are encrypted using SSL

Any attempt to connect over HTTP is redirected to HTTPS

Sensitive data such as deploy keys for source control tools are encrypted at rest

Encryption key management by administering the full lifecycle of cryptographic keys. This includes: generating, using, storing, archiving, and deleting of keys

Application Security

RepsMate develops its application by following security best practices like OWASP for Python. All RepsMate employees undergo continuous education and training on secure product development, testing, and deployment practices.

Support multiple Single Sign-On (SSO) providers, via OAuth2 and SAML, such as Google, Microsoft, and Okta

Where SSO is not an option, RepsMate login requires strong passwords

User passwords are salted, irreversibly hashed, and stored in RepsMate’s database

Internal penetration testing performed at least once each quarter, and external third-party testing at least once a year

We actively manage access to all protected information assets and system changes

Least privilege and segregation of duties used to determine access

Corporate Security Standards

Security isn’t just about proofing one’s technology and infrastructure. It’s also about human behavior. RepsMate takes multiple steps to ensure that elaborate security policies are maintained, communicated, and followed across the board — by employees and partners.

New contractors and employees are required to pass a background check and sign confidentiality agreements

Employees receive routine security awareness training and confirm adherence to Company security policies

RepsMate new-hires complete security training as part of the entry into the organization

Employees are reminded of security best practices through informal and formal communications

RepsMate’s vendor management program ensures that third-parties comply with an expected level of security controls