Your competitive intelligence data is sensitive. We treat it that way - with industry-leading security practices, compliance certifications, and transparent data handling.
RivalDesk maintains the certifications and compliance standards required by enterprise security teams.
Annual third-party audit of security, availability, processing integrity, confidentiality, and privacy controls. Our latest report is available upon request under NDA.
Full compliance with the EU General Data Protection Regulation. We offer Data Processing Agreements, support data subject access requests, and maintain EU data residency options.
Compliance with the California Consumer Privacy Act. We honor consumer rights requests, maintain transparent data collection practices, and provide clear opt-out mechanisms.
Defense in depth across every layer of the platform, from encryption to monitoring to incident response.
All data is encrypted with AES-256 at rest and TLS 1.3 in transit. Database encryption uses customer-specific keys managed through AWS KMS. API tokens and credentials are stored using industry-standard hashing algorithms.
Role-based access control (RBAC) with granular permissions at the workspace, team, and resource level. SAML SSO support for enterprise customers. Multi-factor authentication is available for all accounts and enforced for admin roles.
24/7 infrastructure monitoring with automated anomaly detection. All access is logged with immutable audit trails retained for 12 months. Real-time alerting for suspicious activity patterns and unauthorized access attempts.
Documented incident response plan with defined severity levels, escalation paths, and communication procedures. Affected customers are notified within 72 hours of a confirmed breach. Annual tabletop exercises test our readiness.
We collect only publicly available information and handle all data with care. Here is what you should know about how we manage your competitive intelligence data.
RivalDesk monitors only publicly accessible information - websites, news articles, SEC filings, job postings, and app store listings. We never access proprietary or private data.
Each customer workspace is logically isolated. Your competitor lists, custom scoring rules, and generated reports are never shared with or visible to other customers.
Configurable data retention policies. Set how long intelligence reports, raw data, and historical snapshots are stored. Enterprise customers can request custom retention periods.
Export all your data at any time via the API or dashboard. Upon account termination, all customer data is permanently deleted within 30 days with written confirmation.
Your data is never used to train our AI models. Intelligence generated for your organization stays within your workspace and is not used to improve outputs for other customers.