Skip to main content

Data protection

Learn about the best practices for storing data that's potentially sensitive.

To guard against risk, you must properly handle any potentially sensitive data. This includes:

  • Personally Identifiable Information (PII). Such as:
    • Social security, driver’s license, state identification card, or passport number.
    • Racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership.
    • The contents of mail, email, and text messages unless a business is the intended recipient of the communication.
    • Genetic or biometric data. Data concerning health or data concerning a natural person’s sex life or sexual orientation.
    • Precise location information (e.g., geolocation data).
    • Any personal information that is not public.
  • Financial information. Such as:
    • Account login credentials, including financial account, and in combination with any required security or access code, password, or credentials that would grant access to an account.
    • Debit or credit card information, including full card details.
  • Protected health information (PHI). Such as:
    • Health records.
    • Confidential doctor or patient data.

Sensitive information can be, and often is, subject to strict legal requirements for handling and storage. Although Retool does not have a legal obligation to enforce this, storing these kinds of information may not comply with your own legal or compliance obligations.

Please refer to Retool's terms and policies for detailed information.