Updated April 2023
Here are answers to Frequently Asked Questions about our Security. For more information, read about our Security Posture.
Will you use my data to build advertising products or sell it to third parties?
Will you disclose or sell the data and PII that I provide you about my customers?
No. We use the data you provide us about your customers only to provide your services and for no other purpose.
How is my password secured?
We securely encrypt your passwords. Passwords are one-way encrypted using the bcrypt algorithm, with a random salt for each password. This means that only the original creator of the password knows its value. This type of encryption is extraordinarily difficult to break. When passwords must be retrieved, public/private key encryption is used, with a key length of 4096 or greater. Access and retention of passwords are strongly controlled and logged.
How do you protect Credit Card and Financial Information?
Reputation.com does not store credit card numbers and security information. If you provide a credit card number to purchase a service, it is turned into a secure token by our credit card processing company. We only store the secure token on our systems. We DO NOT collect or store personal financial data, Social Security Numbers, National Insurance numbers, or government-issued ID numbers of any kind.
How can I protect my Reputation.com account?
- Do not share your Reputation.com password with anyone.
- Make sure that your password includes numbers, lower and uppercase letters and is at least 8 characters in length.
- Update your password on a regular basis.
Is the data flowing between the business and the vendor’s cloud-computing infrastructure secured?
Yes. A proven, standard algorithm with at least a 1024-bit key is used for all communications between cloud servers.
Are you HIPAA Compliant?
Yes. Our products are HIPAA compliant, with employees required to complete HIPAA training upon hire and on an annual basis. Our Business Associates Agreement is available upon request.
Are you PCI Compliant?
Yes. Reputation.com is PCI DSS 3.2.1 compliant.
Do you do background checks on your employees?
- Employees go through a background check and a reference check before they are hired.
- Employees and contractors all sign a confidentiality agreement.
What third-party security assessments has Reputation.com undergone?
- Website undergoes quarterly penetration testing.
- The company website [ Reputation.com ] undergoes weekly comprehensive security scans with alert, and the application [ app.reputation.com ] undergoes a daily comprehensive security scan with alert.
Where can I learn more about protecting my privacy and security on Reputation.com?