
Security at RetailerOS

Last updated: 29 April 2026

RetailerOS holds the day-to-day operational data of Indian retail businesses — invoices, customer records, IMEI numbers, ledger balances. We treat that responsibility with the seriousness it deserves. This page describes how.

The four pillars

Encryption

TLS 1.3 in transit. AES-256 at rest. Keys rotated automatically.

Access control

Role-based permissions. Audited admin access. Mandatory MFA for staff.

Backups

Automated daily backups with 30-day retention. Geographically redundant.

Compliance

Aligned with Indian DPDP Act 2023 and GST record-keeping requirements.

Encryption

In transit — every connection between you, our servers, and our integrations is protected by TLS 1.3. We disable older protocols (SSL, TLS 1.0/1.1) and weak ciphers across all environments.

At rest — application data, database storage, and backups are encrypted using AES-256. Database fields containing sensitive information (phone numbers, GSTINs, payment tokens) are additionally encrypted at the column level.

Key management — encryption keys are stored in a managed key-management service, never in application code. Keys are rotated on a regular schedule.

Infrastructure

RetailerOS runs on cloud infrastructure with primary servers in India. Our infrastructure providers are SOC 2 Type II and ISO 27001 certified. We run on private virtual networks; databases and internal services are not exposed to the public internet.

All deployments are immutable, peer-reviewed, and pass automated security checks before reaching production.

Access controls

For your team — role-based access (Owner, Manager, Counter Staff, Read-only) so the right people see the right things. Account owners can revoke access instantly.

For our team — production access is limited to a small group of senior engineers, requires MFA, and is logged. We never access your business data unless you explicitly grant support access for a defined troubleshooting window.

Authentication

  • OTP-based phone verification at signup.
  • Strong password requirements (or passwordless via OTP).
  • Optional 2-factor authentication on all paid plans, mandatory on Enterprise.
  • Session expiry, suspicious-login alerts, and the ability to sign out remote sessions.

Backups and disaster recovery

We perform automated daily backups, retained for 30 days, encrypted at rest. Backups are stored in a geographically separate region from the primary database. Our disaster-recovery plan targets:

  • RPO (Recovery Point Objective): under 24 hours for daily backups, under 1 hour for transactional replication on Pro and Enterprise plans.
  • RTO (Recovery Time Objective): under 4 hours for full service restoration in case of regional failure.

We test recovery procedures regularly.

Monitoring and incident response

We continuously monitor application performance, error rates, and security events. Our on-call team responds 24×7 to critical alerts. If a security incident affects your account, we will notify you within 72 hours of confirming the impact, with details of what happened, what data was involved, and the steps we're taking.

Vulnerability disclosure

We welcome reports from security researchers. If you discover a vulnerability:

  • Email security@retaileros.com with the subject "Security report".
  • Please give us reasonable time to investigate and patch before public disclosure.

We will acknowledge receipt within 2 business days, keep you informed of progress, and credit you (with permission) once the issue is resolved.

Compliance

RetailerOS is built to support compliance with:

  • Digital Personal Data Protection Act, 2023 (India)
  • GST record-keeping requirements (8-year retention)
  • WhatsApp Business Policy for messaging features
  • RBI guidelines on payment data handling (we don't store full card numbers; our payment processor does)

SOC 2 Type II audit is on our roadmap; we'll publish the report once available.

Your responsibilities

Security is a shared effort. We strongly recommend:

  • Use a strong password or rely on OTP-only login.
  • Enable 2FA on owner accounts (mandatory on Enterprise).
  • Don't share login credentials — give each staff member their own seat with the right role.
  • Review your active sessions and audit log regularly.
  • Notify us immediately if you suspect a compromised account.

Contact

Security team — Kosha Systems Pvt. Ltd.
Email: security@retaileros.com
For privacy questions: privacy@retaileros.com
© 2026 RetailerOS · a product of Kosha Systems · Made in India