Data retention policy
How we handle the retention of data:
Logs in Gateway (webhooks, Android): 30 days
Incomplete runs (DLQ): 30 days
Notifications: 7 days
Activity stream (logged execution of a scenario): 30 days
Scenario execution details: 60 days
If requested, we’ll remove the data from our database within a month.
Otherwise, data is held in passive storage for 6 months and then deleted.
You can also use the option: “Data is confidential” which allows you to process data in Integromat without leaving any record about the data in Integromat after the scenario run completes.
More details about our data policy are here:
Data archiving and removal policy
In the Profile section, users have the option to ask for their profile to be deleted or changed. In the event that it is our duty to keep a record of some of their personal information, for example for accounting purposes, this information is retained. We will irrevocably remove all other information within 60 days of the user's request.
Data storage policy
We employ advanced security practices to keep data safe and secure:
The connection between Integromat and your browser is always encrypted (HTTPS).
Every connection between Integromat and a third party service is established in the most secure way that is supported by the given service. In some cases (e.g. FTP, databases, etc.) you have the option to set the security level manually.
We use AES to save your credentials securely.
To protect our secure HTTPS website from downgrade attacks, we have implemented and use HTTP Strict Transport Security (HSTS), the web security policy mechanism.
We have protection against CSRF/XSRF attacks.
We use CSP protection to prevent XSS.
All passwords that you provide us with are stored in an encrypted format (PBKDF2-SHA512 with 200k iterations), so that they cannot be read and/or reproduced. No one is able to read them, not even us.
We use persistent IP addresses so that you can limit access or make tunnels.
For your protection, we do not support outdated browsers. The latest browsers are more secure and ensure the highest security standards.
Our servers are housed in one of the most modern data centers in Europe, equipped with the latest security technologies.
App/service has sub-processors