Security & Privacy at Rev

Our compliance standards

Rev is committed to safeguarding our customers’ data. To demonstrate this commitment, Rev maintains compliance with a number of both internationally-recognized and industry-specific security and privacy standards, including:

Soc 2 Type II

Rev engages an independent, third-party auditor to perform an annual SOC2 Type II Attestation. Rev’s SOC2 Type II report includes details on the internal controls at Rev designed to protect the security and maintain the availability of our customer’s data. More information on Rev’s SOC2 Type II report can be found here.


Rev’s services were built with privacy in mind, designed to make it easy for customers to comply with their privacy obligations. More information on how Rev complies with privacy regulations can be found in Rev’s Data Processing Addendum and Privacy Policy.


Rev maintains PCI compliance as a merchant for payment processing. All credit card payments are facilitated through a third party payment processor. Rev does not store credit card details, only an independent ID associated with the account handled by the payment processor.

Download Rev's Information Security & Privacy Program Overview

Download PDF

We set our security bar high

Storage & Transmission

All customer data is encrypted both in transit and at rest. Data stored on Rev’s platform, as well as communication between Rev servers and our customers, is encrypted via industry best-practice standards (like TLS). TLS is also supported for encryption of emails.

Backup & Recovery

Rev backs up critical system data multiple times per day to prevent data loss or corruption. All Rev and customer data is hosted at Tier IV or III+, SSAE-18, PCI DSS, and/or ISO 27001 compliant facilities in the United States.

Availability & Access

Rev maintains a redundant infrastructure in case of emergency, with a goal of 99% uptime. All customer data is accessible to staff only to the extent necessary to perform the required work. Our Security Team is on call 24/7 to respond to security alerts and incidents.


Teal colored icon of three avatars in a circle.


Rev employees are trained and restricted to handle only the data required to perform their job. Employees are trained on the proper use of our systems and best practices for security & privacy. All employees undergo background checks and have signed confidentiality agreements.

Lilac colored icon of transcription.

Transcriptionists & Captioners

Revvers (our transcriptionists, captioners, etc.) are vetted through a rigorous screening process, including identity verification, and receive training. All Revvers have signed confidentiality agreements. While actively working on a file, Revvers are required to use our secure and proprietary tools, only accessible through a web-based portal.

Neutral colored shield icon with lock on top.

Third Party Marketers

We do not share or sell information we collect to third party marketers.

Chartreuse colored icon of one avatar expanding to four other avatars.

Within your Team

Rev is built to work for collaborative and disparate teams. With multi-user accounts, admins can choose to restrict access with intuitive sharing controls.


Rev complies with many widely-accepted standards and regulations, with compliance measures geared toward the specific needs of our customers. Please contact us to learn more about Rev’s industry-specific compliant service offerings (HIPAA, HECVAT, etc.).

Retention & Disposal

Customers may purge media and transcription data from Rev systems via the Rev Platform or by written request. For large companies with recurring needs, we also support periodic purging of data on a customer-specified schedule.


Cookies are used to identify users with session data using an unidentifiable string that can be interpreted by the Rev system. Explicit personal information, such as an email address or name, does not exist in the cookie.

Additional details of our security & privacy programs are available on request. Please contact our team.