Security

Effective date: 16 March 2022

Runn takes your data security and privacy seriously

We take the protection of your personal information and data very seriously and make every effort to keep your data safe from loss, unauthorized activity, or other misuse. We use the latest software, strive to apply critical security updates within 24 hours, work with industry best practices and provide security training to our technical staff.

Runn’s security management system has been independently certified through SOC2 Type I (view our announcement). As of March 2023, we are undergoing SOC2 Type II certification.

We continuously monitor compliance with our security policies and SOC2 security requirements using Vanta and provide public access to our real-time Monitoring and Trust Report to attest to our security posture. We can also provide a copy of our independent pentest results for enterprise customers.


How Runn keeps your data secure

  1. All data is transmitted to our systems via HTTPS encryption.
  2. Two-factor authentication via Google login.
  3. Runn maintains a secure cloud-based infrastructure hosted with Heroku. Our application and data is stored at their secure data centers in the Europe.
  4. Heroku regularly undertakes third party penetration testing and vulnerability assessments. Read their full compliance regulations and certificates here.
  5. All passwords are hashed using industry best practice (bcrypt) in our system and can not be viewed or decrypted by Runn staff.
  6. We restrict staff access to production data and ensure our staff use two-factor authentication to access Runn's systems.
  7. We adhere to coding best practices and all changes to Runn's software are checked by a second developer for any potential security issues.
  8. We provide security training to all our technical staff.
  9. Runn users can delete their Runn account and all information we hold about them.
  10. Our systems are closely monitored for any suspicious activity and we automatically lock accounts that may have been compromised.
  11. You can control what your users can see and do in Runn with nuanced access permissions.
  12. We are prioritising security updates, and are releasing any security patches as soon as practical (generally within 24 hours).
  13. We are running the latest version of software whenever possible.
  14. Credit card information is held by and processed by Chargebee which provides an extra layer of security around financial information. Read their compliance regulations here.


Additional optional security

We provide the option of additional security for enterprise customers at an additional cost.

  1. Data can be stored on an isolated system that contains only a single account.
  2. Audit of our system by a 3rd party security vendor.

How can I find out more information?

If you have any questions about security and how we are keeping your data safe, please reach out via the in-app chat or by sending us an email to help@runn.io

How can I report a security issue?

Email security@runn.io with the issue and any related details.A team member will get back to you as soon as possible, usually within 24 hours.

Runn does not offer a bug or security bounty program at this time.

Smart resource and capacity planning
Runn
Resource ManagementAboutCareers
ContactLinkedIn
Resources
BlogHelp CenterRoadmapWhat's New
Get Started
Sign InBook a DemoTry for FreePricing
Runn © 2023
Privacy PolicyGDPRSecurityTermsCookies
By clicking “Accept” you agree to the storing of cookies on your device and tracking to analyze site usage and assist in our marketing efforts. View our Privacy Policy, Cookie Policy and GDPR page for more information.
PreferencesDenyAccept