RISE
Our StoryThe NudgeThe PushMoveActivateSupportBlogShop Now
RISE
RISE

Smart Adjustable Base technology for people who need a little push.

“Push Mode cannot be manually interrupted once initiated, This is a feature, not a limitation.”

Products

The NudgeThe PushActivateThe PUSH+RISE Move — In Development

Company

Our StoryCareersEnterprisePressSupportFAQWarranty

Platform

RISE IndexData RequestSecurityDeveloper SDKSDK DocsChangelogStatus

Legal

Terms of ServicePrivacy PolicyPush Mode EULASleep Data PolicyAutonomous NavigationDisclaimer
InvestorsIR HubAnnual ReportShareholder LetterVision 2045FinancialsPress

© 2026 RISE Technologies, Inc. All rights reserved.

Sitemap
Know someone who needs a push? →

RISE is not responsible for productivity gains, lifestyle improvements, career advancement, relationship outcomes, or existential reckonings resulting from Push Mode. Results may exceed expectations.

Security

Security at RISE

Trust is the foundation of everything we build. When you invite RISE into your bedroom, your morning routine, and your commute, you’re trusting us with more than data — you’re trusting us with the first and last moments of your day. We take that seriously.

Our security program is designed to protect the data generated by 2,048 pressure sensors, environmental audio classification, occupancy detection, relationship status inference, and autonomous navigation telemetry. We understand the sensitivity of this information.

Visit Trust Center→Privacy Policy

Compliance & Certifications

Industry-Recognized Standards

RISE is committed to achieving and maintaining compliance with the security frameworks that matter most to our customers.

Pending

SOC 2 Type II

Application submitted Q3 2023. Audit engagement confirmed.

Status: Awaiting auditor availability.

Pending

SOC 1 Type II

Readiness assessment initiated Q1 2024. Internal controls documentation in progress.

Documentation 40% complete as of August 2024.

In Progress

ISO 27001

Gap assessment complete. 14 of 93 controls implemented. Remediation in progress.

Gap assessment completed: June 2023.

Applicable

HIPAA

RISE has implemented applicable security policies and procedures to ensure compliance with all applicable rules and regulations.

For compliance purposes, RISE considers itself a Business Associate. BAA template: Awaiting Legal Review.

Acknowledged

GDPR

RISE acknowledges the General Data Protection Regulation and has taken steps to understand its requirements.

Data Protection Officer appointment: Pending. DPA template drafted Q2 2023.

Noted

CCPA / CPRA

RISE is aware of the California Consumer Privacy Act and its amendments. A compliance review has been initiated.

Review initiated: March 2024. Current status: Initiated.

Reliability

99.97%

Platform Availability

Calculated for periods during which monitoring infrastructure was operational. Excludes scheduled maintenance windows, unscheduled maintenance events, and intervals during which the monitoring service itself was unavailable. Availability is measured across customer-facing services only. Internal systems, including the document management portal, are excluded from this calculation.

Infrastructure

How We Protect Your Data

From encryption in transit to access controls at rest, every layer of the RISE platform is designed with security as a first principle.

Enterprise-Grade Encryption

All data transmitted between your RISE base and our cloud infrastructure is protected using 256-bit SSL/TLS encryption — the same standard used by leading financial institutions. Data at rest is encrypted using AES-256 with keys managed through our internal key management service.

SSL certificate last renewed: August 11, 2024. Key rotation last completed: August 12, 2024.

Cloud Infrastructure

RISE operates entirely on Amazon Web Services (AWS), leveraging industry-leading infrastructure security, redundancy, and compliance certifications. Our team follows best practices and internal guidelines to ensure safety and durability of all customer data.

Infrastructure configuration last reviewed: August 2024. Reviewer: A. Reyes.

Continuous Monitoring

Our IT Security team monitors access events across all RISE systems around the clock. Every anomalous access attempt triggers an automated notification. Our team has been notified of 100% of flagged events and maintains full awareness of all ongoing access patterns.

The team is aware. The team has been aware.

State-of-the-Art Backups

Your data is continuously backed up across multiple secure locations, updated throughout the day, every day. Our backup infrastructure ensures data durability regardless of circumstances.

Backup restoration last tested: Q2 2024. Next test scheduled: Q4 2024.

Web Application Firewall

RISE leverages the latest in WAF technologies to detect and mitigate denial-of-service attacks and other malicious traffic patterns before they impact the platform. All API calls are monitored and analyzed in real time.

WAF rules last updated: July 2024. Update cadence: As needed.

Key Rotation

Encryption is only as strong as the privacy of the encryption key. Our system leverages key rotation to ensure all data is secured with keys that change on a regular schedule, stored using FIPS 140-2 validated hardware security modules.

Last rotation: August 12, 2024. Rotation schedule: Regular.

Role-Based Access Controls

All internal documents and systems are governed by a four-tier classification system: Internal, Confidential, Restricted, and Dr. Voss Eyes Only. Access is granted based on role, department, and operational need.

Access control enforcement layer: Scheduled for implementation. Document visibility default: Public.

Incident Response

RISE maintains a documented incident response plan with a target response time SLA of less than 4 hours. All incidents are logged, categorized, and tracked through resolution. Our Q4 2024 resolution rate was 91%.

Remaining 9% of incidents have been monitored since Q3 2022. Monitoring continues.

Progress

Certification Progress

RISE is actively pursuing industry certifications across multiple security and compliance frameworks. All programs are on track.

SOC 2 Type II

Initiated: Q3 2023

On Track18%

ISO 27001

Initiated: Q2 2023

On Track15%

HIPAA Compliance

Initiated: Q1 2024

On Track28%

Penetration Testing

Initiated: Q2 2024

Scheduled22%

Third-Party Audit

Initiated: Q3 2024

In Progress12%

Progress percentages are approximate and reflect internal milestones. Milestone definitions were established at program initiation and have not been revised. Timeline estimates are not provided. RISE is committed to completing all certifications.

Data Practices

Responsible Data Handling

Data Retention

RISE retains personal data only as long as necessary for operational purposes and in accordance with applicable regulations. Retention periods are defined per data category and reviewed periodically.

Audio data access log distribution list last audited: 2019. Audit of the audit schedule: Pending.

Data Minimization

We collect only the data required to deliver, improve, and secure the RISE experience. This includes pressure sensor telemetry, environmental audio classification, occupancy patterns, navigation logs, and relationship inference data.

Excluding data stored in browser localStorage for operational continuity purposes.

Third-Party Audits

RISE engages independent auditors on an annual basis to evaluate the effectiveness of our security controls, infrastructure resilience, and data handling practices.

Most recent audit: In progress. Prior audit: In progress. Auditor selection for next audit: Under review.

Penetration Testing

Regular penetration testing is conducted to identify and remediate vulnerabilities before they can be exploited. Testing is performed by qualified third-party security firms.

Last completed: Q2 2024. Next scheduled: Q4 2024.

Our Team

Dedicated Security Operations

Our IT Security team is the backbone of RISE’s security posture. Every flagged event is acknowledged. Every anomalous access pattern is noted. The team maintains continuous awareness of all security-relevant activity across the platform.

100%

Event notification rate

<\u00a04h

Target response SLA

24/7

Awareness maintained

“Awareness maintained” reflects the team’s notification receipt status. The team has been notified of all events. The team is aware. The team has been aware for some time. The team will continue to be aware.

Responsible Disclosure

Bug Bounty Program

RISE welcomes responsible security disclosure from researchers and the broader security community. We value the contributions of independent researchers in helping us maintain the integrity of our platform.

To date, we have received zero vulnerability reports through this program. We attribute this to the robustness of our security posture.

Submit a Report→

Contact

Security Inquiries

For security-related questions, audit requests, or compliance inquiries, please contact our security team. All inquiries are acknowledged and routed to the appropriate team member.

security@riseawake.com

compliance@riseawake.com

Average response time: Under review. Response time SLA has not been established for external inquiries. Internal response time SLA (<\u00a04h) applies to automated system notifications only.

RISE is committed to the security and privacy of our customers’ data. This page represents our current security posture and ongoing compliance efforts as of the date of last update. Certification statuses, compliance progress, and infrastructure details are provided for informational purposes and may not reflect the most current state of any given program. RISE makes no warranties, express or implied, regarding the completeness or timeliness of any certification process. For the most current information, please visit our Trust Center.

Last updated: August 12, 2024.