We understand that by using Roi, you are trusting us with your data. That’s why we treat your personal and financial data like we’d want ours to be treated. Below, you’ll find the principles that guide our approach to privacy and security.
We believe that you should have access to and control over your data.
We employ a number of security measures to help keep your data safe, including 256-bit encryption to protect it at rest and Transport Layer Security (TLS) to protect it in transit. In other words, your data is encrypted while it is being stored and while it travels to and from our servers. We do not see or store your bank login credentials because we partner with trusted data aggregators, like Plaid, to connect to your financial institutions. Roi works with third-party vendors who adhere to industry security standards. You can read more about Plaid's security policies on their website.
Roi's direct OAuth integrations for Coinbase meet the same data security requirements. OAuth allows us to connect directly with your bank rather than importing your account and transaction data via an aggregator. We do not see or store your OAuth login credentials either.
When you connect your wallet, we do not have access to your assets. Instead, we require you to sign every transaction manually with your custodial wallet before it is executed.
You can delete your Roi account at any time from Settings -> Get help, or by emailing us at firstname.lastname@example.org. If you delete your account, we do not keep any of your linked financial data or Roi account data (email address, etc.), except in the limited circumstances where required by law, to resolve disputes, protect Roi and our users, and enforce our agreements. Where Roi has no such obligations, the data will be completely removed from all our internal systems, including backups, within 60 days.
Top security infrastructure
Roi’s infrastructure is built on the Google Cloud Platform (GCP), which is used by leading financial companies worldwide. GCP adheres to industry standard security, privacy and compliance controls, including:
- ISO/IEC 27001, 27017 and 27018
- SOC 1/2/3
- PCI DSS
- CSA STAR
We use Multi-Factor Authentication (MFA) on all internal systems and incorporate MFA support and mobile device management into our company devices.
We also regularly verify that our data and product are safe and secure.
We don't sell your data
Our only focus is on building tools that help you improve your portfolio. We respect your privacy, so we give you transparency and control over your data and keep it private. We do not sell your personal data to third parties.
If you have any questions about this page, you can contact us: