Rethink Logo

rethink

Sign inJoin waitlist

System Security at Rethink

At Rethink, we understand how valuable your data is — that's why we work hard to respect your privacy and ensure that your data is always safe with us. Here are some of the ways in which we keep your data private and your work secure.

How is my data safe?

Complete control over who can access your Data

  • All entered data is private by default. Accessing your data requires a user to have a Rethink account and be invited to view and modify your data by an authorized user of your account.
  • You can also decide to make your data viewable by others with a shared link and to allow others to download documents.
  • Direct file access is protected behind multiple security measures.
  • All files are available through a secure URL (including images and downloadable documents).
  • URLs cannot be guessed and all filenames are obfuscated.

Where is my data stored?

Rethink utilizes industry-leading cloud providers for our infrastructure:

  • Our primary infrastructure is hosted on Google Cloud Platform
  • We use Cloudflare for enhanced security and content delivery
  • Additional services are hosted on Vercel and Fly.io

Is my data secure?

  • All of our servers are within our own virtual private cloud with network access control lists that prevent unauthorized requests from reaching our internal network.
  • We implement data encryption in transit, meaning all our data in the database, underlying storage, backups, replicas, and snapshots passes through encrypted channels.
  • Only a select few authorized personnel can access data, and they only do so to improve the services we provide.
  • We maintain comprehensive monitoring and auditing of our usage logs.

What Third Party services do we use?

We use several trusted third-party services to provide and improve our services:

  • Resend for sending transactional and administrative emails
  • Google Analytics to track page views and improve usability of our website and applications
  • Cloudflare as our content delivery network (CDN) and for additional security
  • All payments are processed by secure payment providers
  • We provide integrations with Procore, SharePoint, and Outlook for data syncing and enhanced functionality

Compliance

Our cloud infrastructure providers maintain multiple certifications for their data centers, including ISO 27001 compliance, PCI Certification, and SOC reports. For more information about their certification and compliance, please visit their respective security and compliance websites.

You can find out more about our policies in our Terms of Service and Privacy Policy. If you have any questions about security at Rethink, please contact our support team.