This page is dedicated to providing information about the practices, policies, and procedures we employ to ensure the security of your data. If you have any questions about our security practices or suspect a vulnerability in our platform, we urge you to contact us at security@pandium.com.
All Pandium websites, APIs, databases, and servers are hosted in data centers run and secured by Google Cloud (GCP). Google has a track record of enforcing industry-leading security policies, which you can read about at https://cloud.google.com/security. Within GCP, Pandium places all compute and database servers in a virtual private cloud (VPC) and within private subnets where they are not directly accessible from the public internet.
Compute nodes that are responsible for executing customer code are isolated such that they do not have access to the rest of the compute and database infrastructure. Additionally, each execution of an integration is run in a distinct environment in such a way that one integration cannot access another integration's execution environment.
Data exchanged between your client and our platform is encrypted both in transit and at rest. We ensure that all data flows across the network remain encrypted at all points of transfer using TLS 1.3 or later.
Additionally, we use various data storage and processing systems, all configured for data encryption at rest. To maintain high availability, we regularly back up our databases and storage systems and store these backups in an additional secure location, where they remain encrypted at rest.
During the integration process using our platform, you may need to authenticate against third-party APIs. We assure you that the credentials provided for this purpose are securely handled within our platform. We employ a robust encryption method for credential storage (AES-256) and limit access to decryption keys strictly to their relevant tenants.
For integrations requiring OAuth grants to third-party services, Pandium facilitates the OAuth process on your behalf. Our system refreshes API tokens regularly to maintain their validity, saving them using customer-specific encryption keys. We do not log credentials, and you always have the option to delete them from the platform.
Despite the stringent security measures we implement, we must remind our users that they also have a role to play in ensuring their data security. We recommend that you adopt best practices for information security while using Pandium. This includes:
Our commitment to securing your data is backed by a SOC 2 certification, which certifies that our security policies and procedures have been independently audited and meet stringent data security requirements.
Should you discover a bug or vulnerability in our platform, please contact our security team at security@pandium.com. They are dedicated to addressing such issues promptly.