Skip to main content

How do you store my API keys?

Alloy integrates best-in-class encryption protocols to safeguard your API keys. We employ AES-256 encryption, recognized globally as a leading standard for secure data encryption. This protocol is adopted by financial institutions for safeguarding sensitive information and governmental agencies for protecting classified data. Further information about AES-256 can be found here. System wide, we use AES-256 encryption to store data at rest and TLS/SSL while data is in transit. Every API key is uniquely encrypted so that we can’t even access the data stored in our own system, so rest assured your API keys are safe. If at any point you feel concerned, you are always able to revoke your API key or delete it from the Alloy platform.

Tell me more about your security practices

  • Alloy stores credentials in their encrypted state – never as raw text. API Keys or tokens using AES-256 bit encryption in our systems.
  • We use TLS whenever possible and in all external API calls to ensure sensitive information is encrypted
  • Tokens and secret keys are censored and hidden to the best of our ability from our logs
Should you have any questions regarding our data practices or how we handle our data, please feel free to contact us at security@runalloy.com and we will promptly get back to you. For all Google specific APIs, Alloy’s use of information received from Google APIs (including Gmail, Google Drive, Google Sheets, and Google Calendar, etc) adheres to Google’s Limited Use Requirements. You may find additional information about how we store data in our Privacy Policy.

How do you handle data?

Data stored in Alloy is protected with industry best practices including IP whitelisting, encryption at rest, and network peering. That means that your data is always under a constant state of security. Our team regularly performs security audits.

Are you reselling my data?

No! We’re not an ad platform so rest assured all your data is secure and we’re not reselling it to the highest bidder.

Tell me more about privacy?

You can learn more about our privacy efforts by visiting our privacy policy or terms of service. Please also view our data privacy page here.