How do you store my API keys?
In order to make API calls to the various apps we integrate with, we may ask you to link your API key. All API keys are stored using bank level encryption (known as AES256). This is the same encryption technology that the federal government uses for top secret projects (if you're interested in learning more, click here).
System wide, we use AES-256 encryption to store data at rest and TLS/SSL while data is in transit.
Every API key is uniquely encrypted so that we can't even access the data stored in our own system, so rest assured your API keys are safe. If at any point you feel concerned, you are always able to revoke your API key or delete it from the Alloy platform.
Tell me more about your security practices
Alloy stores credentials in their encrypted state – never as raw text. API Keys or tokens using AES-256 bit encryption in our systems.
We use TLS whenever possible and in all external API calls to ensure sensitive information is encrypted
Tokens and secret keys are censored and hidden to the best of our ability from our logs
Should you have any questions regarding our data practices or how we handle our data, please feel free to contact us at [email protected] and we will promptly get back to you.
For all Google specific APIs, Alloy’s use of information received from Google APIs (including Gmail, Google Drive, Google Sheets, and Google Calendar, etc) adheres to Google’s Limited Use Requirements.
How do you handle data?
Data stored in Alloy is protected with industry best practices including IP whitelisting, encryption at rest, and network peering. That means that your data is always under a constant state of security. Our team regularly performs security audits.
Are you reselling my data?
No! We're not an ad platform so rest assured all your data is secure and we're not reselling it to the highest bidder.
Tell me more about privacy?
Updated 9 months ago