Reetro has designed our Platform and Data Processing Agreement to give you options and put you in full control.
The powerful settings in Reetro empower you to control who can see and manage sensitive information. We ensure that you can communicate to your employees that they are always in control of their personal data and we support you in these efforts.
Everyone at Reetro takes the security of our product very seriously. Our customers trust us with their data, and protecting that is central to running our business and helping our customers run theirs.
We fully comply to GDPR terms and provide the service in accordance to the privacy and data protectons rules set under GDPR terms.
All access to customer data is protected by roles and permissions within the Reetro system.
Reetro employees can only access data on a need-to-know basis, and according to “the principle of least privilege,” which means Reetro employees have the minimal level of access to data in order to do their job.
We’ll also help our customers become GDPR compliant by ensuring roles created in the system don’t accidentally compromise data security.
We only use third party systems that are compliant with GDPR.
Our customers’ data is encrypted from end-to-end. This means when you enter information in reetro, your data is sent to an https web processor, then stored in a database. Your information is encrypted throughout that journey, so it can’t be read at any point.
End user data is subject to our end user licence, as well as our retention schedule. The removal of end user data from our database is by request, and subject to a review by Reetro. End user data that is no longer relevant or required will be anonymized by removing any personal data.
Customer trust is the foundation of our business. That’s why data protection and privacy is something we’ve prioritized since day one, and it’s something we’ll continue to prioritize with our Information Security Management System and compliance to various data privacy laws, such as GDPR.