Security and Privacy

Integration.app engine is designed to minimize security and privacy risks. We apply a number of measures to achieve that.

Certifications and Compliance

Integration.app is SOC 2 Type 2 certified.

Our servers and data are fully located in the European Union and we are GDPR-compliant.

Encrypted credentials

All customer credentials are stored in encrypted form in the database.
They are only decrypted before making API requests.

Decrypted versions are not stored anywhere outside the system memory.

We take measures to exclude credentials from any logs or error reports.

No permanent user data storage

Any user data flowing through the system is stored for 14 days on AWS S3 for logging and debugging purposes.

It is then automatically and permanently erased by AWS S3 lifecycle rules.

This means no user data is stored beyond the last 14 days, which excludes you from the need to handle GDPR and similar requests for data erasure.

No third parties

We do not pass user data to any third parties except the AWS S3 service and Cloudflare.

Running on your own infrastructure

If the measures above are not sufficient for your security and privacy requirements, you can run Integration.app on your own infrastructure and take full control of the data.

Please contact [email protected] to explore this option.