How we protect your data
- TLS 1.3 in transit, AES-256 at rest
- Daily encrypted backups with 30-day retention
- Role-based access within your team — every action is logged
- SOC 2 controls in progress (audit underway)
- No third-party tracking pixels on customer-facing pages
Reporting a vulnerability
Found a security issue? Email security@rooferapp.com. We respond within 24 hours and we do not pursue researchers acting in good faith.
Data residency
Customer data is stored in US-based data centers. Canadian customers can request CA-based storage — contact us.