Back to home

Legal

Security

How we protect your data and your artists' information.

Encrypted in Transit

All data transmitted between your browser and Roster is encrypted using TLS 1.3.

GDPR Compliant

We are fully compliant with UK GDPR and handle all personal data responsibly.

Secure Infrastructure

Hosted on Vercel's enterprise-grade infrastructure with automatic DDoS protection.

Secure Payments

All payments are processed by Stripe. We never store card numbers or sensitive payment data.

Data Encryption

All data in transit is encrypted using TLS 1.3. Data at rest is encrypted using AES-256. Passwords are hashed and never stored in plain text.

Infrastructure

Roster is hosted on Vercel, which provides enterprise-grade infrastructure including automatic scaling, DDoS protection, and global edge network. We perform regular security updates and dependency audits.

Access Controls

Roster uses role-based access controls, allowing you to manage which team members and freelancers have access to specific features and data. All access is logged and auditable.

Payment Security

All subscription payments are processed by Stripe, a PCI DSS Level 1 certified payment provider. Roster never stores, transmits, or has access to your full card details.

Responsible Disclosure

If you discover a security vulnerability in Roster, please report it to us at help@rosterroyalties.com. We take all security reports seriously and will respond within 48 hours.