We are committed to ensuring that we provide a highly secure and reliable environment for your data.



We transfer data via 256 bit SSL (Secure Socket Layer). We use Google Cloud Platform (GCP) to store all our data. We encrypt your data using 256-bit SSL over wire, AES256 encryption at rest.



Payments are done with Stripe and we are committed to staying PCI compliant. We don’t store any billing and payment information on our servers. Stripe is PCI-Compliant with Industry Data Security Standard.


Data Center

Our data used Firebase services which is a part of the Google Cloud Platform. Data lives in the US central region.


Business Continuity and Disaster Recovery

We conduct regular backups as part of the deployment process in a secure storage. We only keep the latest backups and remove old backup files.

gear development

Development Practices

We use agile development methodology and apply all coding standards. We go through the following stages: Backlog, Planning and Grooming, Test and Bug process, Release, Retrospectives using RetroTeam. Our code goes through a staging environment to run manual tests, after which we deploy to production.

privacy shield

Data Privacy

You own your data. RetroTeam does not sell or rent any customer data to anyone. Please review our Privacy Policy and Terms and Condition for more info. At any time you may export data from our servers to CSV/Text or contact us to destroy it.


Password Encryption

Our passwords are stored securely by using Firebase Firebase Authentication. Firebase Authentication uses an internally modified version of scrypt to hash account passwords.



Because we use Firebase as our underlying service. You can check the live status here.

data retention

Data Retention and Removal

We retain our users data for a period of 60 days after their trial or subscription ends. All data is then completely removed from the application. Users can request the removal of data at any time by deleting their account or contacting RetroTeam support. Read more about our privacy settings in our Privacy Policy.

application security

Application Security Protection

We use a runtime protection system that identifies and blocks OWASP Top 10 and business logic attacks in real-time. We use security headers to protect our users from attacks. We integrate security in our applications and protect our users from data breaches.

Get Started Now!

Start creating Retrospectives and Invite your Team