Security at Reviewlee

Reviewlee encrypts data at rest and in transit for all of our customers. We use tools like AWS Key Management Service (KMS) to manage encryption keys.

• Data at rest is encrypted using AES-256.
• Data in transit is encrypted using TLS 1.3.
• Backups are encrypted and stored in multiple regions.

Our multi-tenant architecture ensures logical separation of customer data.

All data is scoped by Organization ID at the database level. Strict access controls prevent cross-tenant data access.

Secure authentication practices to protect your account.

• We use secure, HTTP-only session cookies.
• Passwords are hashed using Argon2id.
• Multi-factor authentication (MFA) is on the roadmap.

Hosted on world-class cloud providers.

Reviewlee runs on Amazon Web Services (AWS) and uses Neon (PostgreSQL) for database services. Our infrastructure is defined as code (IaC) using Terraform.

If you believe you’ve found a security vulnerability in Reviewlee, please get in touch with our security team at [email protected]. We appreciate your help in making our platform secure.

We are working towards SOC 2 Type II compliance. We expect to complete our audit by Q4 2026.