This page is maintained by the Ramp team to answer common security questions. It is not a certification or audit report.
We take the security of your data seriously. The controls below reflect the current state of the Ramp application. If you need a Data Processing Addendum, security questionnaire, or more detail about any of these practices, please contact us at hello@alignwithramp.com.
Access & authentication
Ramp uses a managed authentication provider for sign-up, sign-in, and password reset. Users authenticate with email and password or a supported social provider. We do not store plaintext passwords.
Role-based access
Workspace data is separated by workspace and scoped by role. Owner, admin, editor, and viewer roles limit who can edit, share, or export documents. Row-level access controls enforce these boundaries at the data layer.
Data storage & hosting
Application data is stored by our managed backend provider. We use standard encryption in transit and at rest as provided by that platform. Backups and infrastructure operations are handled by the provider.
Cookies & analytics
Ramp uses session cookies to keep you signed in. We use minimal analytics to understand how the product is used and do not sell visitor data to third parties.
Retention & deletion
Documents and account data are retained while your workspace is active. You can delete documents and workspaces from within the app. If you need full account deletion, contact us.
Incident & vulnerability reporting
If you discover a security issue or experience an incident, please report it to hello@alignwithramp.com. We review reports promptly and will work with you to address the issue.
Shared responsibility
Security is a shared responsibility. Ramp handles the platform, access controls, and data storage. Customers are responsible for choosing strong passwords, managing workspace members, and sharing documents only with intended recipients.