Security & Trust

Our architecture is built on a foundation of data isolation, encryption, and zero-trust principles. We safeguard your reputation data with the same rigor as financial systems.

Encryption Everywhere

Data is encrypted at rest (AES-256) and in transit (TLS 1.3).

No Password Storage

We use OAuth 2.0 exclusively. We never see or store your platform passwords.

PCI-DSS Compliant

Payment processing is fully offloaded to Stripe's secure infrastructure.

Data Isolation

Customer data is logically separated in our database to prevent leakage.

Identity & Access Management

ReviewReport leverages a federated identity model via our parent entity, Forge Software.

Authentication

We do not manage user credentials. All logins are processed via Single Sign-On (SSO) providers:

Google
Microsoft
Apple
LinkedIn:

This ensures that your account benefits from the multi-factor authentication (MFA) and anomaly detection systems of these major providers. If your Google account is secure, your ReviewReport account is secure.

Billing Security

All financial transactions are handled by Stripe, a Level 1 PCI Service Provider.

Your credit card numbers are never sent to or stored on our servers.
We use secure tokens to process recurring subscriptions.
You can update your payment method or view invoices directly through the secure Customer Portal.

Data Privacy & Ethics

We build tools for you, not for advertisers. Our business model is subscription-based, which aligns our incentives with your privacy.

Data Usage

We do not and will never sell your data. Your reviews and analytics are yours.
We do not run ads. There is no tracking pixel network sharing your activity.

Data Deletion

You have the right to be forgotten. If you wish to delete your account and purge all associated review data from our systems, please contact our support team to be routed to our Data Protection Officer directly.

Contact: support@forgeinc.ltd