RequestLoops 보안
RequestLoops는 회계사, 건축가 및 기타 전문 사무실을 대신하여 문서를 처리합니다. 이 페이지는 데이터가 어떻게 암호화되고, 저장되고, 접근되고, 삭제되는지 요약합니다.
Encryption
All RequestLoops traffic is over TLS. Files and database records are encrypted at rest. Backups are encrypted and retained for up to 90 days post-deletion.
Hosting and regions
RequestLoops runs in two regions, FR (Paris) and AP (Tokyo), with single-tenant Postgres per region (as of 2026-05-08). Data is stored in the region selected at signup and does not leave that region for storage purposes.
Access control
Account holders sign in via OAuth with Google or Microsoft — RequestLoops does not store passwords. Recipient access is via tokenised portal links scoped to a single recipient and revocable at any time.
Audit logs
Every reminder, submission, role change and request action is timestamped and recorded per item. Audit history is exportable on request.
GDPR and PIPA alignment
RequestLoops handles personal data under GDPR (EU/EEA) and PIPA (South Korea) principles. Data subject rights — access, rectification, erasure, portability — are supported. See the privacy policy for the full breakdown.
Incident response
We monitor production via Sentry and structured logging. In the event of a data breach affecting your data, we notify you and the relevant authorities as required by applicable law.
Security questionnaire
For procurement-grade security review, contact us for a security questionnaire and DPA.