Security

Retryvr is early. We don't hold any compliance certifications yet. Here's what's true today, and what we're working toward.

What's true today

Concrete practices we already have in place. If we don't mention it, we don't do it yet.

TLS everywhere

www.retryvr.com is served over HTTPS only. HTTP requests redirect to HTTPS. The certificate is issued by Amazon and rotates automatically.

AWS infrastructure

The site runs on AWS Amplify Hosting (CloudFront + S3). AWS holds SOC 2, ISO 27001, and other certifications for the underlying infrastructure. Those certifications cover AWS, not Retryvr.

Minimal data collection

The marketing site only collects what you send through the contact form. We don't have a user signup, payments, or a customer database. Contact submissions land in a shared inbox and are not retained in any other system.

Vulnerability reports

If you find a security issue, email info@retryvr.com with steps to reproduce. We'll acknowledge within one business day and keep you updated through remediation.

What we're not yet

Things we'll build toward as the product matures, but don't claim today:

  • SOC 2 Type II. We are not SOC 2 certified.
  • Third-party penetration tests. Not yet scheduled.
  • 24/7 staffed security monitoring. We monitor via AWS CloudWatch alerts during business hours.
  • Customer data plane. The product itself is in development. When customers begin uploading or storing data, we'll publish updated practices for that.

Have a security question?

If you're evaluating Retryvr and need detail beyond what's here, get in touch.