At RatingFacts, we prioritize information security as a cornerstone of our online review community's operations. Maintaining robust data security across all facets of our platform is paramount. This encompasses safeguarding the data of RatingFacts reviewers, platform users, our valued customers and collaborators, as well as our dedicated employees.
We ensure compliance with the European Union's General Data Protection Regulation (GDPR), a comprehensive framework governing data protection and privacy for individuals within the EU. This regulation sets stringent standards for the processing of personal data. Our commitment to GDPR compliance is reflected in our data processing agreement, which outlines in detail how we handle personal data on behalf of businesses utilizing our review invitation services. This agreement serves as a robust safeguard, ensuring that data processing practices align with GDPR requirements, thereby fostering trust and transparency in our operations.
RatingFacts operates as a cloud-first organization, meaning that we primarily leverage cloud computing resources rather than maintaining in-house data centers. Additionally, our corporate network infrastructure is virtualized, allowing us to optimize resources and scale efficiently to meet the demands of our platform and users. This approach not only enhances flexibility and agility but also ensures robustness and reliability in delivering our services. By embracing cloud technologies, RatingFacts remains at the forefront of innovation while maintaining a strong focus on security, scalability, and performance.
At RatingFacts, we prioritize the security and integrity of our infrastructure, which is hosted on data centers provided by Amazon Web Services (AWS) within EU availability zones. These data centers boast certifications such as SOC2 and PCI DSS Level 1, signifying their compliance with stringent security standards.
AWS offers a plethora of security- and privacy-focused features, which RatingFacts harnesses to fortify our platform. Our servers operate within AWS Data Centers, utilizing a blend of Microsoft and Linux operating systems. To enhance security, we implement meticulously configured security groups, isolate virtual private cloud (VPC) environments, employ role-based access control, and deploy advanced web application firewall protection.
Furthermore, our operating systems, databases, and applications undergo rigorous hardening processes to minimize vulnerabilities and bolster security measures. By prioritizing these practices, RatingFacts ensures the robustness of our infrastructure, safeguarding the confidentiality, integrity, and availability of user data.
In addition to our internal systems, we utilize the Google Cloud Platform to fulfill certain business needs. Within this framework, we harness state-of-the-art tools that enable us to proactively identify and address potential threats or vulnerabilities.
RatingFacts's server instances hosted on Amazon Web Services (AWS) and Google Cloud are fortified with advanced security measures, accessible only through Virtual Private Networks (VPNs). The physical security of our cloud infrastructure is meticulously overseen by AWS and Google Cloud, both renowned for their stringent security protocols. For further assurance, compliance reports can be directly requested from AWS and Google Cloud.
Additionally, RatingFacts.com proudly upholds an A+ rating on Qualys SSL Labs for its endpoints. This rating underscores our commitment to maintaining robust encryption standards, ensuring that data transmitted through our platform remains secure and protected.
RatingFacts operates a confidential bug bounty program, inviting security researchers from around the globe to contribute their expertise in identifying and reporting potential vulnerabilities.
Additionally, our website undergoes regular scanning to detect vulnerabilities, which are then promptly addressed. The urgency of our response is contingent upon the severity of each finding, ensuring that critical issues are resolved expediently to uphold the integrity and security of our platform.
At RatingFacts, our platform is meticulously crafted following the principles of microservice architecture design. This strategic approach ensures that our services and the backend supporting them are seamlessly decoupled and stateless. Why does this matter? Well, it enables us to dynamically scale our platform in response to fluctuating demand levels.
Behind the scenes, our backend infrastructure is ingeniously constructed using a methodology known as "infrastructure as code" (IaC). This means that our infrastructure is created and managed through code instructions, allowing for precise control and automation of deployment processes. But here's the kicker: We don't just stop at creation. Our infrastructure is continually refreshed and replaced, ensuring a consistently pristine and stateless environment. This concept is often referred to as "immutable infrastructure," signifying its unchanging and immutable nature.
By embracing microservice architecture and infrastructure as code, RatingFacts remains agile, resilient, and ready to adapt to the evolving needs of our users and the digital landscape. It's all about staying ahead of the curve and delivering a seamless experience, every step of the way.
At RatingFacts, we employ robust security measures to protect your data at every step. Data traveling to and from our cloud infrastructure undergoes encryption, ensuring its safety during transit. Additionally, data stored on our cloud infrastructure is encrypted at rest using the AES-256 algorithm, an industry-standard encryption method known for its robust security.
To fortify the security of our platform, we implement stringent measures for web communication. All web traffic is encrypted with a minimum of 128-bit encryption, ensuring the confidentiality of data exchanged between users and our platform. Our websites utilize Transport Layer Security (TLS) 1.2, a highly secure protocol that safeguards against unauthorized access and interception of data. RatingFacts exclusively supports data transmitted via web submissions using HTTPS, enhancing the security of user interactions and data exchanges.
Furthermore, we prioritize the protection of personal data in our email communications. Emails sent from RatingFacts are transmitted using TLS, adding an extra layer of security to ensure the confidentiality and integrity of sensitive information. In cases where the recipient's email client does not support TLS, we dynamically adapt to utilize the next highest secure protocol supported by them, maintaining the security of data transmission.
By implementing these robust security measures, RatingFacts remains dedicated to safeguarding your data and maintaining the trust and confidence of our users.
© 2025 Rating Facts. All rights reserved.