Privacy, security, and data protection are central to Tribe

Explore how we deploy state of the art practices to support the security objectives

Security framework

Data integrity

Ensuring customer information is always secure at any moment, during transit, and at rest.

Continuous defense

Minimizing any security risks through continuous penetration, vulnerability, and risk assessments.

Best practices

Ruthless implementation of security practices based on industry guidelines for cloud security.

Security initiatives

We're committed to keeping our streak of 0 data breaches intact
aplication security

Application security

A development process that enables immediate prioritization of critical updates and vulnerability remediations.
  • Every single user input goes through a validation layer that uses best practices to mitigate security vulnerabilities
  • Whether data is being transferred or stored, all customer data is secured with the latest encryption algorithms and technologies
  • All the access to production systems is logged and monitored by Tribe’s operations team.
  • All production database instances having streaming backups via database replicas in addition to daily full snapshots
network security

Network security

All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) to prevent unauthorized requests.
  • Protected by Cloudflare, which uses automated traffic scrubbing tools that monitor incoming traffic
  • Customer data is stored in multi-tenant datastores and logically separated
  • All data in our system are tagged by account and every request to our system requires account context
  • We use intrusion detection with a robust Security Information and Event Management (SIEM) system
organizational security

Organizational security

Tribe's security practices apply to all members of staff, third-party service providers, and physical data center security.
  • Tribe adheres to the principle of least privilege
  • Employees are given access only to the data that they must handle for their job responsibilities
  • Tribe establishes agreements with all third-party providers that require them to adhere to confidentiality commitments we make to our customers
  • Tribe infrastructure is hosted on DigitalOcean data centers that are equipped with physical barriers such as alarms, access cards, video surveillance, etc.
your data at Tribe

Your data at Tribe

Tribe does not mine, store, or attempt to access any special or sensitive categories of personal data
  • Your organization is in control of all community and employee data at all times
  • You have the ability to set user permissions to limit access to data export, moderation, and other features
  • Tribe employees can access data after your permission as necessary for customer support
  • In the case of third-party integration, data scopes are limited to only the necessary information


Security practices and regulatory compliances are woven into everything we do at Tribe

Join the discussion

During transit, either externally or internally between Tribe services, data is encrypted using TLS 1.2 with AES 256 bit encryption to ensure data protection at all times. Tribe SSL certificates are issued through Let's Encrypt...

Updated 3 days ago
Join the Discussion

From what I gather broadly you have the following features for GDPR: ✓ Cookie consent ✓ Ability to delete members (and associated data) ✓ Ability to export member-specific data ✓ Linking to the privacy policy Here is a detailed post on how to use each of these...

Answered by Adrian
Join the Discussion

Get the datasheet