Locoia
WebsiteApp
Search…
Overview
Account and User Settings
Reset your Password
Invoices and Payments
Automation
Flow Builder
Flow Debugger
Community Library
Connectors & Helpers
Connectors
Helpers
Authentication Types Available
Building Connectors
Webhook Trigger for Connectors
Data Mapping and Env Variables
Embed - White Label Portal
1. Embed Setup
2. Embed Flow Building
Embed FAQs
Data and Dashboards
Dashboards & Insights
Charts
Forecasts
Best Practice Guides
Integration Best Practices
Integration Check List
CSV Files in Excel
Multi-Tenant Flows
On-Premise Integrations
Database Connection Setup
Data and General Security
Using Tags
FAQ
API
Locoia API Authentication
Create Connector Authentication
Contact us
Status of Service
Data Privacy
Imprint
Powered By GitBook
Data and General Security
Locoia allows a wide array of data privacy settings and is not only built to satisfy GDPR and DSGVO, but to delivery exceptional data privacy handling features. Some features at a glance:
  • Encryption of all data, authentication and tokens
  • All traffic SSL / https secured
  • Custom log data retention policies per account and flow
  • Virtual Private Cloud
  • Two factor authentication at login
  • Login activity monitoring and notification of suspicious activity

Deletion of Flow data and Flow debugging data output

All Flow Run data that you can find in flow debugging is system-wide deleted from any logging after 10 days. You can customize this on the account-level (your company) for all flows of your account if you have more strict requirements or need to keep the data a little bit longer. The range is from 0 to 90 days (0 (zero) meaning not stored at all). Additionally, you can set the data deletion time on each flow individually to any number of days from 1 to 90. You can also set the number of days to 0 (zero), which essentially means that data will not stored at all.

Flow User Input data

All data that is manually inputted in a flow by a user is stored only in encrypted form in the database (application level encryption). The database itself is encrypted as well and can only be access in a VPC (Virtual Private Cloud) and cannot be accessed otherwise from the outside.

Tokens, secrets and API keys

All tokens, secrets, API keys and the like that are entered in the Connector Auth section are stored only in encrypted form using an additional secret key and cannot be extracted or called in any form other than for the purpose of flow execution at runtime. Sensitive keys and tokens are removed from all logs by default.

Cache or data stored in environment at runtime

For each execution and access, a separate server instance is spun up and afterwards destroyed. Therefore, data is only present in the environment for the time needed and not a second longer.

Login behavior monitoring and notification

To provide additional security, we send you emails once you login from a new device or browser we haven't seen you logging in from.

User activity monitoring security

If we see any suspicious user activity, random execution of functions as well as repeated wrong password entry within only a few seconds, we send you notification messages and lock your account for security reasons. In those case, please raise a ticket so that we can investigate, maintain secure usage and give you access again.

Data Storage

Data that is intended to be stored for longer periods in our database, e.g. Data Sources is stored under a complete separate database user per each Locoia account (company).
Best Practice Guides - Previous
Database Connection Setup
Next - Best Practice Guides
Using Tags
Last modified 3mo ago
Copy link
Contents
Deletion of Flow data and Flow debugging data output
Flow User Input data
Tokens, secrets and API keys
Cache or data stored in environment at runtime
Login behavior monitoring and notification
User activity monitoring security
Data Storage