Australian data residency. All data is stored and processed in
AWS ap-southeast-2 (Sydney, Australia). No data is transferred offshore.
Compliance checklist
- Australian Privacy Principles (APPs) — Privacy Act 1988 (Cth)
- Data residency: AWS ap-southeast-2 (Sydney) — no offshore transfer
- Encryption in transit: TLS 1.2+ on all API endpoints
- Encryption at rest: AES-256 (RDS PostgreSQL, ElastiCache Redis)
- API credentials: SHA-256 hashed, never stored or logged in plaintext
- Data retention policy: time-bounded, documented per data category
- Vulnerability management: automated audits, 24h CVE patch SLA
- Access controls: customer data scoped to
customer_id — no cross-tenant access
- Compliance contact available: [email protected]
Full policy documentation: Trust & Privacy →
What Rostrum does
Rostrum provides hosted auction mechanics via a REST API. Common procurement
use cases include digital asset sales, capacity allocation, sponsored placement
auctions, and community fundraising tools.
- Timed auctions with configurable bid units and currencies
- Anti-snipe deadline extensions — bids in the closing window push the timer out
- Webhooks on every state transition (opened, bid placed, closed)
- Scheduled future opens — set a start time and walk away
- Per-customer write quotas with monthly reset
Enterprise terms
Enterprise contracts include:
- Custom SLA documentation and uptime commitments
- Data processing agreement (DPA)
- Australian data residency guarantee in writing
- Dedicated support channel
- Unlimited write operations
Start a conversation
Email us →
Include your organisation name, procurement timeline, and intended use case.
We respond within one business day.
Run a proof of concept first
The free tier includes 10,000 write operations per month. No credit card required.
Start a PoC before engaging procurement.
Get a free API key →