At Airboxr, we ensure that your data is secure and protected at all times. Here's a brief summary of what that means for different sections of our systems:
Data at Rest
We do not store any data from third-party sources that you connect through Airboxr on our servers. When you connect a third-party source with Airboxr (for instance, HubSpot), we simply create a cache of that data in your Google Drive, which then helps us query and pull this data into your spreadsheets easily. At all points, you're in possession of all your data from third-party sources and we simply help you query it better and faster.
Data in Transit
While querying data on your behalf, the Airboxr sidebar, our server and any third-party server communicate over HTTPS. This means that you data in transit is encrypted with TLS so that only the authorised systems are able to send/receive your data. Any unauthorised system/agent that tries to snoop over our secure connections, is only able to see encrypted, scrambled data that is undecipherable.
We follow industry-wide best practices when it comes to user authorisation. Airboxr users are signed up or logged in using Google OAuth2. This means that we don't have to deal with any passwords or even password hashes. As a result, your sessions with Airboxr are secure and extremely unlikely to be impersonated (since there's no Airboxr password someone can steal).