Security at

Security and correctness of customer data is paramount to us at We have embedded both correctness and data security aspects not only in the software development lifecycle processes at, but also in company-wide processes. The purpose and the goal of our security processes are to ensure the prevention of data leakage & loss, maintain a highly available platform and to serve data at the highest possible quality.

Security Program Highlights

  • Network Security follows industry best practices for its network security. Network traffic is only allowed based on a need-to-know principle. All traffic goes through HTTPS and is encrypted. has an A rating from Security Headers. Firewalls and intrusion detection systems are in place at the Google level as well as within the infrastructure managed by

  • Application Security regularly engages third-party security researchers to conduct penetration tests on a grey-box, risk-based and time-framed approach according to OWASP Application Security Verification Standard (ASVS). Single Sign-On is supported via SAML, allowing customers to enforce their corporate security best practices

  • Data Security & Privacy encrypts data at rest and in transit for all of our customers. stores all customer data in Google Cloud Platform which is encrypted at rest by default. All data in transit and all requests to services are encrypted with TLS 1.2. HTTPS is enforced via the Strict-Transport-Security header and by directing all traffic to TLS-secured endpoints. has an A+ rating from SSL Labs. is GDPR compliant, and only engages with data sub-processors who are also GDPR compliant.

Security Certifications & Compliance maintains a SOC2 Type II for Security prioritizes data protection, control and compliance with GDPR prioritizes data protection, control and compliance with CCPA


Looking to report a security concern?

Contact Security