RevQore Sidekick Security & Compliance
RevQore packages are built using an application called Supered. No personal or CRM data (contacts, companies etc) is extracted or stored. Only object metadata (report names, list filters etc.) are used in the packages.
Privacy, security and compliance are a top priority and all information can be found in the documentation below. Should you require further information please get in touch with a member of the team:
Privacy Policy
Supered is GDPR compliant and prioritizes data privacy and security. No HubSpot CRM data (contacts, deals, or company records) is accessed or stored. Supered only processes limited metadata with explicit user permission via OAuth, and process rules execute in real-time without storing sensitive CRM data.
Supered only stores data that RevQore produces for info cards and guides, as well as metadata describing objects and properties. No personal or CRM data is processed or stored. Data is securely stored in the U.S., encrypted in transit (HTTPS) and at rest, with strict access controls. Supered does not sell personal data and only shares information with vetted subprocessors when necessary for service functionality.
Users have full control over their data, including rights to access, modify, delete, or restrict processing. Billing data is securely handled through Stripe’s PCI-compliant payment system.
Click here to find the full Supered privacy policy
Security & Compliance
Supered is SOC 2 Type II certified and GDPR compliant, with annual third-party audits and penetration testing. Security reports, including a zero-exception SOC 2 report, are available in the Trust Center.
Supered operates on AWS and Fly.io, ensuring enterprise-grade security, private networking, and no public exposure of databases. All data in transit is encrypted via HTTPS, and data at rest, including files, databases, and backups, is fully encrypted. Integration keys receive an extra layer of encryption for added security.
Regular security updates and AWS firewall protection safeguard infrastructure. Strict tenant separation prevents cross-instance access, ensuring user data remains isolated.
For security concerns or incident reports, contact Supered’s security team.
What security and compliance certifications does Supered have?
Supered is SOC 2 Type II certified and GDPR compliant, with annual third-party audits and penetration testing to verify security practices.
Where is data stored?
Supered’s infrastructure is based in the United States, using AWS and Fly.io for secure, scalable hosting.
Does Supered access HubSpot CRM data?
No, Supered does not access, store, or process HubSpot CRM data (contacts, deals, company records). Only limited metadata is processed when users interact with Supered’s features, and only with explicit user permission via OAuth.
Can Supered store my HubSpot data?
No, Supered does not store HubSpot CRM data. Process rules run in real-time but do not retain sensitive customer data.
Can I disconnect Supered from HubSpot?
Yes, you can revoke Supered’s access at any time to prevent further data flow between the platforms.
Is my data encrypted?
Yes, all data is encrypted in transit using HTTPS and encrypted at rest, including uploaded files, databases, and backups.
Can Supered employees access my data?
Supered employees do not access user data unless explicitly required for diagnostics or support, and only with user permission.
Does Supered share or sell my data?
No, Supered does not sell personal data. It only shares information with vetted subprocessors when necessary for service functionality.
How does Supered ensure data separation?
Supered enforces logical tenant separation, ensuring your data is isolated and cannot be accessed by other users or instances.
Here is where the accordion title goes
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam tempor arcu non commodo elementum.
Does Supered comply with GDPR and other data privacy laws?
Yes, Supered is fully GDPR compliant and adheres to the EU-U.S., UK, and Swiss-U.S. Data Privacy Frameworks.
What control do I have over my data?
Users can access, modify, delete, or restrict processing of their data at any time.
Can I request a Data Processing Agreement (DPA)?
Yes, a DPA can be arranged where required to formalize compliance obligations.
What should I do if I suspect a security issue?
Report any security concerns or incidents directly to RevQore.