Security

We take security seriously. Your data deserves protection, and we've built our platform with security as a fundamental principle.

Data Residency

All data is stored exclusively in EU regions and never leaves European jurisdiction.

All our infrastructure and data processing occurs within the Netherlands and Germany through our subprocessors. This ensures compliance with European data protection regulations.

Encryption

At Rest: All data is encrypted using AES-256 encryption. We use Supabase Vault for sensitive information like access tokens.

In Transit: All data transmission uses TLS 1.3 encryption. Every connection between your browser, our servers, and third-party integrations is encrypted.

Token Security

We never store passwords. Our platform uses OAuth 2.0 exclusively, meaning we only receive encrypted tokens from providers like Google, GitHub, and Slack.

Access tokens are encrypted using authenticated encryption. This provides both encryption and cryptographic signing to prevent tampering.

Encryption keys are stored separately from the encrypted data and are never stored in the database itself.

Access Controls

We inherit your existing permissions from connected services. When you connect integrations, we respect all user-level access controls from your source systems.

If you don't have access to a repository in GitHub or a channel in Slack, we don't have access either.

Compliance

GDPR Compliant: We maintain full data processing agreements and honor all data subject rights, including the right to deletion and data portability.

Incident Response: We have established procedures for security incident detection, response, and notification in accordance with applicable regulations.

Infrastructure Security

Our infrastructure provides enterprise-grade security including network isolation and automated security patching. We use Cloudflare to prevent DDoS attacks and filter malicious traffic before it reaches our servers.

Database access is restricted through encrypted connections and role-based permissions.

Transparency

If you have specific security questions or need additional documentation for your organization's security review, contact our legal team.

Privacy Policy

This Privacy Policy outlines how we collect, use, and protect your personal information when you visit our website.

Contact

For legal inquiries, data protection requests, or compliance matters, contact us directly.

CSR Policy

Our commitment to building better work, not more work, through ethical technology and responsible business practices.

Terms of Use

This Terms of Use outlines the rules and regulations for the use of our website.

Security

We take security seriously. Your data deserves protection, and we've built our platform with security as a fundamental principle.

Data Residency

All data is stored exclusively in EU regions and never leaves European jurisdiction.

All our infrastructure and data processing occurs within the Netherlands and Germany through our subprocessors. This ensures compliance with European data protection regulations.

Encryption

At Rest: All data is encrypted using AES-256 encryption. We use Supabase Vault for sensitive information like access tokens.

In Transit: All data transmission uses TLS 1.3 encryption. Every connection between your browser, our servers, and third-party integrations is encrypted.

Token Security

We never store passwords. Our platform uses OAuth 2.0 exclusively, meaning we only receive encrypted tokens from providers like Google, GitHub, and Slack.

Access tokens are encrypted using authenticated encryption. This provides both encryption and cryptographic signing to prevent tampering.

Encryption keys are stored separately from the encrypted data and are never stored in the database itself.

Access Controls

We inherit your existing permissions from connected services. When you connect integrations, we respect all user-level access controls from your source systems.

If you don't have access to a repository in GitHub or a channel in Slack, we don't have access either.

Compliance

GDPR Compliant: We maintain full data processing agreements and honor all data subject rights, including the right to deletion and data portability.

Incident Response: We have established procedures for security incident detection, response, and notification in accordance with applicable regulations.

Infrastructure Security

Database access is restricted through encrypted connections and role-based permissions.

Transparency

If you have specific security questions or need additional documentation for your organization's security review, contact our legal team.

Privacy Policy

This Privacy Policy outlines how we collect, use, and protect your personal information when you visit our website.

Contact

For legal inquiries, data protection requests, or compliance matters, contact us directly.

CSR Policy

Our commitment to building better work, not more work, through ethical technology and responsible business practices.

Terms of Use

This Terms of Use outlines the rules and regulations for the use of our website.

Security

Data Residency

Encryption

Token Security

Access Controls

Compliance

Infrastructure Security

Transparency

Related Articles

Privacy Policy

Contact

CSR Policy

Terms of Use

Security

Data Residency

Encryption

Token Security

Access Controls

Compliance

Infrastructure Security

Transparency

Related Articles

Privacy Policy

Contact

CSR Policy

Terms of Use