Data protection status

• Integration credentials are encrypted at rest before being persisted.
• BYOK AI keys are encrypted with a dedicated encryption key.
• Session access is protected with secure cookies and authenticated API guards.
• Refer to official legal policies for contractual security guarantees.

Credential hygiene

• Use least‑privilege scopes for OAuth providers.
• Rotate tokens on a regular schedule.
• Disconnect providers you no longer use.

Access controls

• Limit account access to trusted team members.
• Use strong passwords and secure OAuth providers.
• Sign out on shared devices.

Audit readiness

• Review automation run logs for unexpected behavior.
• Monitor provider health changes for revoked access.
• Use analytics to spot anomalies in message volume.

Incident response

If you suspect compromised credentials, disconnect the provider, rotate tokens, and re‑connect once verified.