Skip to main content
Strategos Analytics

Trust & Security

Security overview

How we protect your pipeline data.

Revenue Navigator processes your organisation’s CRM data to surface pipeline intelligence. That means you are trusting us with some of your most sensitive commercial information. We take that seriously, and we want to be transparent about how we protect it.

This page describes our current security posture. We do not claim certifications we do not hold. Where our programme is still maturing, we say so.

Our approach

Security is built into how we develop, deploy, and operate Revenue Navigator — not added on afterwards. Our baseline controls are designed for the data sensitivity of B2B SaaS revenue teams: encryption everywhere, strict access controls, and no unnecessary data retention.

Encryption in transit

All data exchanged between your browser, our platform, and our infrastructure is encrypted using TLS 1.2 or higher. We do not support legacy cipher suites.

Encryption at rest

Customer data stored within the Revenue Navigator platform is encrypted at rest using AES-256. This includes CRM data, pipeline records, and any derived insights.

Access controls

Access to production systems is restricted to authorised personnel only, using least-privilege principles. Multi-factor authentication is required for all internal systems access.

CRM data isolation

Each customer's CRM data is logically isolated. No customer's data is commingled with another's, and no data is used to train shared models without explicit consent.

Secure development

We follow secure development practices including dependency scanning, code review for security issues, and automated checks in our CI/CD pipeline.

Incident response

We maintain an incident response process to detect, contain, and notify affected customers of any security event in a timely manner.

Data handling

We process your CRM and revenue data solely to provide the Revenue Navigator service as described in our customer agreement. We do not sell customer data, share it with third parties for advertising, or use it to train AI models shared across customers.

Data is retained for the duration of your agreement and deleted within 30 days of termination. You may request early deletion at any time.

Certifications and compliance

We are at the MVP stage and do not yet hold formal third-party certifications such as SOC 2 Type II or ISO 27001. Our security programme is designed with these frameworks as a reference, and formal certification is on our roadmap as the business scales.

If your organisation has specific compliance requirements, contact us to discuss whether Revenue Navigator can meet them at this stage.

Responsible disclosure

If you believe you have found a security vulnerability in our website or platform, please report it to us responsibly before disclosing it publicly. Contact us at security@strategos-analytics.com. We will acknowledge your report within 2 business days and keep you informed as we investigate and remediate.

Questions

For security-related questions or enterprise security reviews, contact us via our contact form or email security@strategos-analytics.com.