Security & Trust
Your revenue data, protected by default
Revulas handles your leads, conversations, and integrations — so security and compliance are part of the platform, not an add-on. Here's exactly how we protect your data.
Book a DemoEncryption in transit and at rest
All traffic to and from Revulas is encrypted with TLS. Integration credentials — calendar, inbox, and CRM connections — are encrypted at rest with AES-256 using dedicated encryption keys.
Role-based access with audit logging
Team members see only what their role allows. Sensitive actions across the platform are captured in audit logs, so account owners can see who did what and when.
Telecom compliance built-in
A2P 10DLC campaign registration, automatic DNC scrubbing before outbound campaigns, TCPA quiet-hour enforcement, and opt-out language handled by the platform — not left to each user.
Data isolation per account
Every account's contacts, conversations, and configuration are isolated at the data layer. Your leads and conversation history are never visible to, or shared with, other accounts.
Stripe-hosted payments
All payments run through Stripe's hosted, PCI-compliant infrastructure. Revulas never stores card numbers on its own servers.
HIPAA compliance pack for healthcare
Healthcare clients can enable our HIPAA compliance pack, with a Business Associate Agreement (BAA) available on request for practices handling protected health information.
SOC 2 Type II — in progress
Revulas is actively working toward SOC 2 Type II certification. Our controls for security, availability, and confidentiality are being built and documented against the SOC 2 framework from day one, and we're happy to walk enterprise buyers through our current posture on request.
Questions or disclosures
Found a vulnerability, or need security documentation for a procurement review? Our team responds directly.
security@revulas.com