We handle some of the most sensitive data in your business — deal values, rep performance, CRM access tokens. Here's exactly how we protect it.
How we protect your data
All pipeline data, CRM tokens, and deal content is encrypted at rest using AES-256. Encryption keys are rotated regularly and stored separately from the data they protect.
We never ask for or store your CRM password. All integrations (Salesforce, HubSpot) connect via OAuth — you authorize access through your CRM's own login flow, and you can revoke it at any time.
Your deal data is never used to train AI models — ours or anyone else's. Analyses are run in isolated contexts. Your pipeline information is not pooled, shared, or sold.
Every AI action — deal scoring, stage changes, email drafts, Copilot executions — is logged with a timestamp, user, and reasoning. Enterprise plans include a searchable audit trail with export.
Enterprise plans include RBAC with four levels: Admin, RevOps, Manager, and Rep. Reps see only their own deals. Managers see their teams. Admins control the full workspace.
Authentication tokens are short-lived and rotated automatically. Sessions expire after inactivity. All traffic is encrypted in transit via TLS 1.3.
Each workspace's data is logically isolated. There is no cross-tenant data access. Database access is restricted to application-layer services only — no direct external connections.
Data residency, right-to-deletion requests, and data processing agreements are available for teams operating under GDPR. Contact us to request a DPA.
If you discover a security vulnerability in DealRadar, please report it to us privately before disclosing it publicly. We take all reports seriously and aim to respond within 48 hours.
Report a vulnerabilityIf you have specific security requirements — DPA requests, penetration test results, or enterprise security review — get in touch.
Contact us