Secure & Private
When it comes to security, we consider it as a priority and an ever-ongoing process.
Find out how we keep your data safe.
Compliant with EU data security standards
We value security and protect your data
As a RestApp customer, you entrust us with some of your most sensitive and valuable data.
As such, safety is our constant priority and we secure every pice of our platform.
We have designed RestApp in order not to store but just process sensitive data as fast as possible.
Thus, it is our priority to be compliant with modern data privacy best practices.
High-end processing architecture
Our sync engine has been designed from the very beginning to use your data warehouse’s own execution engine to perform sensitive operations, meaning that virtually none of your customer data is actually stored on RestApp’ servers.
This makes RestApp “secure by default” against many common attacks.
Built on top of the world's most secure cloud infrastructure
We host our servers in the EU and only work with cloud providers whose datacenters are SOC 2 and ISO 27001 certified.
These cloud providers guarantee the physical and network security of RestApp’ servers and help us ensure that our server software is always up to date and protected from any newly-discovered threats.
Use the least privileges needed for handling data
RestApp does not require super-user access to your data warehouse and will request the fewest OAuth scopes needed to your SaaS applications in order to provide the RestApp platform.
The secrets we store with enterprise-grade OVH Secrets Manager which is both PCI and SOC 2 compliant.
For the purpose of connection with data warehouses, we support an SSH connection in case the data warehouse is located in a private subnet.
Data and tools to audit your organization's RestApp usage
RestApp records audit logs of any changes made to your models or sync configurations.
As a result, you know which users made changes and when.
Best practices for developing security software
RestApp is developed using isolated staging and production environments, encrypted credentials separated from code, and “infrastructure-as-code” that eases auditing and permits fine-grained access to cloud resources.
Data encrypted in transit & at rest
RestApp uses recent SSL and TLS versions for all connections between systems.
From your browser to the RestApp application, from our servers to your data warehouse or SaaS application, as well as internally between our own services and databases.
The data pipeline at RestApp is fully encrypted in transit and at rest, using the in-memory data structure store MongoAtlas running our ephemeral workers. We do therefore not see the data we are processing.
Build better data pipelines
With RestApp, be your team’s data hero by activating insights from raw data sources.