Roboquery Security

Overview

Customer confidence and data security are paramount at Roboquery. We are dedicated to providing our customers with a highly secure and reliable environment to keep their data safe. To achieve this, we have developed a comprehensive security model covering all aspects of our cloud-based Roboquery systems. While we strive to implement robust security measures, including encryption and access controls, it's essential to acknowledge that no method of transmission over the internet or electronic storage is entirely secure. Therefore, there are no guarantees of absolute security.

Protecting Data in Transit

Roboquery employs industry-standard Transport Layer Security ("TLS") with 128-bit Advanced Encryption Standard ("AES") encryption to establish secure connections between the web application and Roboquery servers. All data transmitted between these endpoints is encrypted, ensuring confidentiality. Roboquery exclusively utilizes the HTTPS protocol for all connections, providing an additional layer of security.

Protecting Data at Rest

At Roboquery, we prioritize the security and privacy of user information. Consequently, we do not store sensitive data at rest, including user passwords, on our servers. Our systems are meticulously designed to safeguard data integrity at all times, Specifically, User passwords are neither collected nor stored.

System Monitoring, Logging and Alerting

Roboquery monitors servers to retain and analyze a comprehensive view of the security state of its production infrastructure. Roboquery collects and stores production servers logs for analysis.

Network Security

Roboquery uses Cloudflare to prevent Distributed Denial of Service attacks and for Web Application Firewall services.

Access Control

Access to customer data is strictly controlled and limited to authorized personnel who undergo comprehensive training. Only designated members of the Roboquery team have direct access to production systems and user data, and access is restricted to essential functions. User data is accessed by Roboquery employees solely for aggregate analysis or troubleshooting purposes, with explicit consent obtained from the account owner or team administrator when necessary.

Third-Party APIs

We utilize commercial third-party APIs, including OpenAI GPTs, for specific complex query rewrite operations. For transparency and assurance regarding the use of third-party APIs, particularly OpenAI GPT's, we encourage you to review their security policy and data storage policies. You can find more information on OpenAI's policies here.

Physical Security

Our systems are hosted on Google Cloud infrastructure in the United States, benefiting from Google's stringent physical and environmental security measures. Google Cloud data centers boast robust security protocols, ensuring the resilience and integrity of our infrastructure. For more information regarding Google Cloud's security practices, please refer to the GCP security page.

Protecting Users Payment Information

Roboquery does not retain or store any payment information provided by users. Payments are processed and securely stored by our trusted payment gateway provider, stripe.com, which adheres to industry-leading security standards.

Opting Not to Store Data on Our Servers

While Roboquery securely stores user data by default for convenience and troubleshooting purposes, customers have the option to disable these capabilities. To initiate this process and ensure the deletion of past data from our servers, please contact us directly.

Your trust and security are of utmost importance to us at Roboquery. If you have any questions or concerns regarding our security practices or policies, please don't hesitate to reach out to us.

Thank you for choosing Roboquery.