Roo Code Trust Center
Roo Code is in compliance with security best practices, has implemented and is monitoring comprehensive controls, and maintains policies to outline its security procedures.
Compliance
Resources
SOC 2 Type II Report
SOC 2 Type I Report
Personnel Security Policy
Information Technology Leadership Committee Charter
Binding Corporate Rules (BCRs) Policy
Controls
Access control procedures
Access review of infrastructure
VPN access
Multifactor authentication
Data subject access request response remplates
Encryption of data
Data protection policy
Data transfers covered by approved safeguards
Cooperation agreements/data sharing frameworks
Data processing agreements executed and retained
Source code tool
Business continuity and disaster recovery testing
Web application firewall
Outsourced Development Management
Sample code changes
Intrusion detection tool
Infrastructure baseline hardening policy
Infrastructure firewall
Monitoring tool
Network diagram
Incident response and breach notification policy
Security incident list
Alerts and remediation
Breach notification communication
Internal GDPR compliance assessments performed
Binding corporate rules policy
Whistleblower policy
Rectification request policy
Objection handling policy and systems generated
Log management tool
Vendor management program
Vendor list
Vendor termination
Vendor onboarding
Consent for processing captured via explicit opt-in mechanisms
Age verification and parental/guardian consent process enforced
New employee and contractor agreements
Existing employee and contractor agreements
Customer onboarding
Security awareness training implemented
List of newly hired employees & contractors
Records of Processing Activities (RoPA) maintained
Multi-availability zones
Notification workflows regarding rectification or erasure maintained
Asset register maintaining
Risk management program
Lawful basis assessment
Legitimate interest assessment
Risk and Governance Executive Committee meeting minutes
Patch management
Antivirus and malware configurations
Board charter
Asset register list
Termination checklist
Subprocessors
SupabaseData Stores & Warehouses
Clerk | Authentication and User ManagementUnknown Category
SentryLogging & Observability
PostHogBusiness Apps & Productivity