Security
Built after CDK.
Designed to be different.
Everything on this page reflects what's built and in production today. Any updates to our security architecture will be reflected here. We don't use vague marketing language or make claims we can't back up with facts. If you have questions about anything on this page or want more detail, please reach out at hello@goruvo.com.
Data We Handle
RUVO processes sensitive customer information on behalf of dealerships, including:
- Full legal names, dates of birth, and contact information
- Social Security Numbers
- Driver's license numbers and state of issue
- Employment information and monthly income
- Financial preferences and credit pre-qualification data
- Uploaded identity documents (driver's license images, insurance cards, pay stubs)
We treat all of it as sensitive. We don't tier our security controls by data type; everything gets the same treatment.
Encryption
At rest
All data is encrypted using AES-256, the same standard used by financial institutions and government agencies. This applies to every table in our database without exception.
In transit
All data in transit is protected by TLS 1.3. HTTP connections are not permitted. Every request is redirected to HTTPS automatically.
SSNs and driver's license numbers: double encryption
These fields receive an additional layer of encryption beyond the standard database encryption. They are encrypted a second time using a separate key stored outside the database entirely. A complete breach of the database, including the database encryption key, is not sufficient to read SSNs or license numbers. An attacker would need both the database and the separate key store, which are isolated systems.
Access Control
Role-based access, enforced server-side
RUVO supports three user roles: Admin, Finance Manager, and Salesperson. Each role has a defined set of permissions that are enforced at the API level, not just in the UI. A salesperson cannot access SSNs or full financial data regardless of what they do in the browser. The server will not return that data to a salesperson-level session.
SSN reveal logging
Every time a user reveals an SSN, even partially, the action is logged with the user's identity, timestamp, and IP address. This creates an auditable record of every sensitive data access event.
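The server-side role check and the reveal logging described in the two paragraphs above, as an added example that is not RUVO's code. The permission map, the function and field names, and the choice to also log denied attempts are assumptions; the page only states that a Salesperson session never receives SSNs or full financial data.

```javascript
// Added illustration, not RUVO's code. Which roles may reveal an SSN is an
// assumption; the page only says a Salesperson may not.
const PERMISSIONS = {
  admin: new Set(["ssn:reveal", "financials:read"]),
  finance_manager: new Set(["ssn:reveal", "financials:read"]),
  salesperson: new Set(),
};
const auditLog = []; // stand-in for an append-only audit store

function permsFor(session) {
  return PERMISSIONS[session.role] || new Set(); // unknown role: deny everything
}

// Server-side serializer: a field the role may not see is never placed in the
// response, so nothing done in the browser can uncover it.
function serializeCustomer(record, session) {
  const out = { id: record.id, name: record.name, ssn: "***-**-****" };
  if (permsFor(session).has("financials:read")) out.monthlyIncome = record.monthlyIncome;
  return out;
}

// Reveal handler: authorize on the server, write the audit entry first, then
// return data. Denied attempts are logged as well (a choice made in this example).
function revealSsn(record, session, ip, mode, now = new Date()) {
  const allowed = permsFor(session).has("ssn:reveal");
  auditLog.push({
    user: session.userId, role: session.role, ip,
    timestamp: now.toISOString(), recordId: record.id,
    action: allowed ? `ssn_reveal_${mode}` : "ssn_reveal_denied",
  });
  if (!allowed) return { status: 403 };
  const ssn = mode === "partial" ? `***-**-${record.ssn.slice(-4)}` : record.ssn;
  return { status: 200, ssn };
}

// Constructed sample data; 203.0.113.0/24 is a documentation-only address range.
const customer = { id: "cust_1", name: "Test Customer", ssn: "000-12-3456", monthlyIncome: 4200 };
const sales = { userId: "u_sales", role: "salesperson" };
const finance = { userId: "u_fin", role: "finance_manager" };

console.log(serializeCustomer(customer, sales));
console.log(revealSsn(customer, sales, "203.0.113.7", "full"));
console.log(revealSsn(customer, finance, "203.0.113.8", "partial"));
console.log(auditLog);
```
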
Multi-factor authentication
All accounts are required to use TOTP (Time-based One-Time Password) multi-factor authentication. There is no option to disable MFA on any account type.
Session management
Admins can view active sessions across their dealership account and terminate any session remotely. Terminated sessions are invalidated immediately server-side.
Audit Logging
Every sensitive action on the platform generates an audit log entry. This includes:
- Record views
- SSN and driver's license reveals
- Document access
- Status changes
- User account changes
- Data exports
- Login events, including failed attempts
Audit logs capture: the acting user's identity, their role, the timestamp, their IP address, and the specific action taken.
Audit logs are retained for 12 months and are accessible to dealership Admins at any time through the Settings panel. They can be exported for compliance or investigation purposes.
Audit log entries cannot be modified or deleted by any user, including RUVO administrators.
Document Storage
Uploaded customer documents are stored in encrypted cloud storage. Access to documents is controlled by signed URLs that expire after 60 seconds. A URL generated for one session cannot be bookmarked, shared, or reused in another session. Documents are not accessible via static links at any time.
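One way to build a link with the properties described above (60-second expiry, unusable from another session), shown as an added example that is not RUVO's or Supabase's code. The URL layout, the `expires` and `sig` parameter names, the function names and the in-process signing key are assumptions.

```javascript
// Added illustration, not RUVO's or Supabase's code.
const crypto = require("node:crypto");

const SIGNING_KEY = crypto.randomBytes(32); // server-side secret, never sent to a client
const TTL_SECONDS = 60;                     // expiry stated on the page

// HMAC over everything the link must be bound to: document path, session, expiry.
function mac(path, sessionId, expires) {
  return crypto.createHmac("sha256", SIGNING_KEY)
    .update(`${path}\n${sessionId}\n${expires}`).digest("hex");
}

// Issue a link for one document, one session, TTL_SECONDS from now.
function signUrl(path, sessionId, nowSec) {
  const expires = nowSec + TTL_SECONDS;
  return `${path}?expires=${expires}&sig=${mac(path, sessionId, expires)}`;
}

// Check on every download. sessionId is taken from the caller's authenticated
// session, not from the URL, so a link copied into another session fails.
function verifyUrl(url, sessionId, nowSec) {
  const u = new URL(url, "https://files.example.invalid"); // placeholder origin
  const expires = Number(u.searchParams.get("expires"));
  const sig = Buffer.from(u.searchParams.get("sig") || "", "hex");
  const expected = Buffer.from(mac(u.pathname, sessionId, expires), "hex");
  // Constant-time comparison; the length check keeps timingSafeEqual from throwing.
  if (sig.length !== expected.length || !crypto.timingSafeEqual(sig, expected)) {
    return "bad-signature";
  }
  // The expiry is covered by the signature, so it can be trusted once the MAC checks out.
  return nowSec > expires ? "expired" : "ok";
}

// Constructed sample values.
const t0 = 1700000000;
const link = signUrl("/docs/cust_1/license.png", "sess_A", t0);

console.log(verifyUrl(link, "sess_A", t0 + 30));  // same session, inside the window
console.log(verifyUrl(link, "sess_A", t0 + 61));  // same session, after expiry
console.log(verifyUrl(link, "sess_B", t0 + 30));  // link pasted into another session
console.log(verifyUrl(link.replace(`${t0 + 60}`, `${t0 + 3600}`), "sess_A", t0 + 61)); // expiry edited
```
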
Data Lifecycle
| Data Type | Retention Period |
|---|---|
| Customer records and portal submissions | Permanently deleted 90 days after deal closes |
| Uploaded documents | Permanently deleted 90 days after deal closes |
| Audit logs | 12 months from the date of the logged action |
| Dealership user account data | Duration of active subscription |
| Dealership user session data | 30 days |
"Deleted" means permanently removed from our systems and backups, not moved to cold storage, not archived, not retained in any form. The deletion is permanent and irreversible.
Automatic deletion is not configurable downward by dealerships; it is a fixed platform behavior, not a setting.
AI Processing
RUVO's built-in AI assistant, Ruvi, is powered by Anthropic Claude under a Zero Data Retention (ZDR) agreement.
This means:
- Customer data submitted to Ruvi for processing is not stored by Anthropic
- No customer data is used to train AI models
- No data is retained by our AI vendor after a request is processed
- This is a contractual obligation on Anthropic's part, not a configurable setting
RUVO uses a single AI vendor with a single ZDR agreement. We do not route data through any AI system that does not have Zero Data Retention in place.
Infrastructure
| Function | Provider |
|---|---|
| Application hosting | Vercel |
| Database | Supabase (PostgreSQL, encrypted at rest) |
| Storage | Supabase Storage (encrypted) |
| AI processing | Anthropic Claude API (Zero Data Retention) |
| Email delivery | SendGrid |
| SMS delivery | Twilio |
All infrastructure providers are enterprise-grade vendors with their own security certifications and compliance programs.
What We Don't Claim
We do not currently hold SOC 2 certification. SOC 2 requires operating history - no new platform can have it on day one. We are building to that standard from the beginning. An independent SOC 2 Type I audit is planned for Month 12–18 of operations, contingent on business growth supporting the investment at that stage. The audit validates what is already built, not what we intend to build.
For technical due diligence
Need more detail?
Qualified prospects in the contracting process or current RUVO customers can request full security architecture documentation, data flow diagrams, vendor security certifications, and penetration test results once available. Qualified prospects are those that have completed a demo and are in active contract negotiations with our sales team. If that's you, please email us at hello@goruvo.com to request the documentation.
