At Built.io, trust and transparency are our core values. We strive to always keep our systems up-and-running with minimum latency, and keep your data safe and secure.
We are committed to keep your data safe. Here's how:
To ensure data security and integrity, we encrypt your account data, passwords, and authorization tokens with the industry-standard AES-256 algorithm.
We have enabled an option to add an extra layer of security to your Built.io Flow account resources with the Two-factor Authentication. Read our blog on 2FA for more details.
We have enforced strong security mechanisms such as reCAPTCHA integration, limited login attempts, and previous password restrictions to prevent unauthorized access to your data.
We support Single Sign-on for Built.io’s organizations and user accounts to make the user login process more simple and secure.
Transfer of data between your browser and Built.io website is secured via the HTTPS protocol. We have configured strong security controls such as firewall security rules, enterprise-grade routing, network access control lists to isolate, and secure the application infrastructure. Our network and systems are constantly scanned to check for vulnerabilities.
Data stored on our servers is not accessible to the public. We have reinforced data security of our product infrastructure, housed in AWS, by adding robust physical and network security mechanisms. Moreover, our architecture ensures high level of data availability and uptime, and offers 99.5% Service Level Agreement (SLA) for its services.
Built.io has defined robust log data retention policies, that allows the log data to be used only if its usage is compliant with the Terms of Services defined by Built.io. These restrictions help control how log data can be accessed and used, and minimize the threats associated with data misuse.
Our compliance certifications are the testimonials to our commitment at gaining and retaining our customers’ trust.
Built.io complies with Service Organization Controls’ standards for operational security and privacy of system. We undergo regular SOC 2 audits from an independent, third-party firm to ensure confidentiality and integrity of customer data. Contact us to get a copy of our latest SOC 2 audit.
We engage with an independent, third-party firm to perform penetration testing activity to ensure platform security.
As per GDPR General Data Protection Regulation (GDPR) that came into effect on May 25, 2018, organizations established in the European Union and/or organizations that collect, process, and analyze personal data tied to EU-based individuals are required to comply with the rules laid down by GDPR. Our Legal and Security teams have taken all the necessary measures to identify where we need to comply and what changes need to be made. We are now fully GDPR compliant and are committed to help our customers in their efforts to comply with the GDPR.