Trust is our most valuable asset. Without it, we don’t have a business, so we take security seriously. As security can be a complicated topic, we’ve tried to make this as easy to understand as possible. For each section, we have a summary which is as much plain-speak as possible and then have additional (more technical details) right below.
You can back up and export your tasks data whenever you need to and are working on the ability to export other Rock account data. You can export your data in an open format so you can migrate your data to other services. There are also no hoops to jump through if you want to delete your account—it’s simple and easy.
We encrypt data in transit (we use TLS and HTTPS between you and our servers) and when it’s stored (data collected in one place is known as data “at rest”). Rock uses Amazon Web Services for backup and data loss prevention, relying on Amazon storage service redundancy and replicated multi-instance database clusters to make sure your data is safe.
We encrypt all communication between client software and our servers (“in transit”) with industry-standard TLSv1.2 and TLSv1.3 security protocols. The communication between our servers and other external systems is also TLSv1.3-encrypted. Using this encryption method prevents communication from being intercepted since it is only visible to the client and the server.
We encrypt data “at rest” (stored at Amazon servers) with AES-256 to prevent data leaks.
We use data replication in our data storage to ensure data won’t be lost if there is a software or hardware failure. If that happens, Rock can simply be switched to a data replica where the full copy of the data resides.
Shared data access & retention rules
All members in a Rock space have at least read-only access to every item (whether it’s a message, note, task, or something else) in that space. When you create a new item in a space, you should assume that it will be available to all current and future space members.
If you leave a space, external user-provided resources (like a Google Drive folder) will automatically be disconnected from that space. Detaching a folder will not change or delete any information in the folder. Any internal items that you created (tasks, notes, files, messages) won’t be available to you anymore but the items will be left in the space and other members can access them. If you want to remove something that you created from a space, you have to remove it before leaving the space.
A space (and everything in it) is removed from Rock when all users leave the space. We are working on enabling users to leave a 1:1 space. In the meantime, you can archive the 1:1 space or block the user.
You can remove your account from Rock. By removing your account you will leave all the spaces where you’re a member. All personal information, notes, tasks, and messages from your personal space will be removed—except for the account name which identifies the creator of the items that are preserved.
If you have a question that’s not answered here, reach out to the Rock Team support space or send an email to firstname.lastname@example.org and we can answer your questions or help you troubleshoot.
How do I delete my account?
Deleting your account is permanent and we cannot retrieve it for you. If you want to delete your account:
1) Go to My Account
2) Select the three dots in the top right corner
3) Select delete account.
What format can I choose for exporting my data?
You can export tasks from Rock in different formats. The free version of Rock lets you export tasks in JSON or XML format. You can export tasks to CSV or Excel files if a space is upgraded to the PRO or Teams version of Rock.
How is my data stored?
The data stored at our servers is encrypted “at rest” using AES-256. This approach prevents the possibility of data leaks if someone gets physical access to the servers.
Do you encrypt my data?
We encrypt your data in transit and when it’s stored. In addition to this, we are working on a feature that will provide end-to-end encryption to spaces in Rock in the future.