Legal
Security Policy
Last updated: January 2026
Retteu App applies technical and organizational measures to protect personal data and ensure platform security.
1. Encryption in Transit
All data is transmitted over secure channels using TLS (Transport Layer Security) version 1.2 and above. This ensures encryption of data between the user's browser and Retteu App servers.
2. Access Control
- Authentication: platform access is provided through OAuth (Google, Facebook) or secure email-based authorization
- Authorization: role-based access control (RBAC) for managing user permissions in teams
- Sessions: automatic session expiration on inactivity, protection against session hijacking
3. Secrets and Token Storage
- OAuth tokens and access keys are stored encrypted
- Use of secure secrets management systems
- Access tokens for external APIs (Facebook, Telegram, etc.) are encrypted and only transmitted to fulfill user requests
- Regular token rotation when necessary
4. Backups
Regular automatic data backups to ensure recovery in case of failures. Backups are stored encrypted and protected from unauthorized access.
5. Least Privilege Principle
Users and processes have access only to data and functions necessary for their tasks. Integrations with external services request the minimum necessary set of permissions.
6. Monitoring and Logging
- Logging of security events and suspicious activity
- Monitoring access to critical data
- Alerts on anomaly detection
7. Updates and Patches
Regular application of security updates for infrastructure and dependencies. Vulnerability monitoring and timely patch application.
8. Incident Response
In case of a security incident, we take measures to eliminate the threat, notify affected users (if required) and conduct analysis to prevent recurrence.
9. Contact
Security inquiries: admin@retteu.app
Support: support@retteu.app