Security Overview

Last updated: October 22, 2020

Built on Amazon Web Services

Our application is built fully on AWS. We benefit from their data center and system development practices. We leverage AWS best practices to ensure that our systems are secure from the outside-world.

We protect your data.

In addition to normal means of encrypting data at rest, we ensure your integration keys are encrypted using an additional encryption layer. We leverage AWS database backups to ensure we keep your data intact.

Your data are sent using HTTPS.

Whenever your data are in transit between you and us, everything is encrypted, and sent using HTTPS. Within our firewalled private networks, data may be transferred unencrypted.

Any files which you upload to us are stored and are encrypted at rest. Our application databases are generally not encrypted at rest — the information you add to the applications is active in our databases and subject to the same protection and monitoring as the rest of our systems.

Regularly-updated infrastructure.

Our software infrastructure is updated regularly with the latest security patches. Our products run on AWS networking infrastructure, which enables firewall and application security.

We protect your billing information.

We use Stripe to process your billing information. Card information is transmitted, stored, and processed securely on Stripe's PCI-Compliant network.

Have a concern? Need to report an incident?

Have you noticed abuse, misuse, an exploit, or experienced an incident with your account? Please contact us to submit a report.

Adapted from the Basecamp open-source policies / CC BY 4.0