At LeadPie, we prioritize the utmost protection of customer data. Our Security Policy outlines the organizational and technical measures we have implemented on the Google Cloud Platform (GCP) to safeguard against unauthorized access, use, alteration, or disclosure of customer data. We encourage you to review our Terms of Service and Privacy Policy as you familiarize yourself with LeadPie.
Our dedicated infrastructure and security team consists of experts who have played key roles in designing and operating highly secure Internet-facing systems. With their vast experience spanning startups to large public companies, we maintain a robust defense against security threats.
Incident Response Plan We have established a formal procedure for handling security events and educated our staff on our policies. In the event of a security event, our emergency alias is immediately alerted, and our teams promptly assemble to address the issue. Post-event, we conduct a thorough post-mortem analysis, which includes a review of the incident, distribution of findings across the company, and implementation of action items to improve detection and prevention. LeadPie promptly notifies you in writing upon verification of a security breach that affects your data. Our notification includes a description of the breach and the status of our investigation.
Automation We have implemented automation to ensure safe and reliable deployment of changes to our application and operating platform. With frequent deployments throughout the day, we can swiftly address security fixes when required. Our infrastructure is hosted on the secure Google Cloud Platform, leveraging their disaster recovery capabilities to ensure data integrity.
All LeadPie services and data are hosted on the Google Cloud Platform (GCP) infrastructure, benefiting from its robust security measures. GCP provides physical security, environmental controls, and disaster recovery solutions. We utilize a backup solution for datastores that contain customer data, ensuring data redundancy and resiliency.
LeadPie services and data are stored exclusively on Google Cloud Platform (GCP) servers located in secure data centers. Customer data is stored in multi-tenant datastores, ensuring logical separation and privacy controls to prevent unauthorized access. LeadPie engages certain subprocessors to process customer data, as listed in our Subprocessors List.
We prioritize secure data transfer and employ encryption to protect data in transit. All data sent to or from LeadPie is encrypted using industry-standard protocols. LeadPie API and application endpoints are SSL/TLS only, and we maintain strong cipher suites and security features for secure communication. Data at rest is encrypted using industry-standard encryption algorithms.
LeadPie operates exclusively over HTTPS, ensuring secure communication between our platform and users. We enforce two-factor authentication (2FA) and implement strong password policies to protect access to cloud services.
LeadPie provides granular permission settings to manage user access, including app settings, billing, user data, and message management. You have control over assigning specific permissions and access levels to team members, ensuring data security and privacy.
We maintain comprehensive audit logs for all activities within the LeadPie application, enabling detailed analysis, monitoring, and auditing. Access to production consoles and actions within the LeadPie application are logged, ensuring accountability and traceability.
LeadPie implements technologies that provide an audit trail for infrastructure and application security. Google Cloud Platform (GCP) undergoes rigorous security audits and holds industry-leading certifications, ensuring compliance and adherence to the highest security standards.
As a LeadPie user, you have certain responsibilities to ensure the security of your account and data: