We know you've entrusted us with valuable data, and we take its security very seriously. Below, we've provided a deep dive into our security practices, protocols and tooling. But we're always available to answer questions on this topic. Just send us a note at [email protected] 🔐 Interested in advanced security settings? Contact sales to learn about our Enterprise plan →

Security practices

The following list was last updated May 22, 2020.

• We use TLS everywhere, within the data center and out.
• Your data is encrypted at rest and in transit.
• We run 100% on the cloud using AWS within a virtual private network that cannot be accessed via the public internet, except via our public-facing proxy servers.
• We have Amazon CloudTrail turned on at all times.
• We perform quarterly independent security audits using established security firms.
• We'll notify you within 72 hours of learning about a data breach.
• All employees receive regular security training.
• We're in the process of obtaining our SOC2 certificate.

Sub-processors

We work with the following companies and tool systems to store, analyze, and transmit data for our users. They've been carefully vetted for best-in-class security practices.

• Amazon Web Services
• Amplitude
• Segment
• Crashlytics
• Intercom