Security Policy

At LeadPie, we prioritize the utmost protection of customer data. Our Security Policy outlines the organizational and technical measures we have implemented on the Google Cloud Platform (GCP) to safeguard against unauthorized access, use, alteration, or disclosure of customer data. We encourage you to review our Terms of Service and Privacy Policy as you familiarize yourself with LeadPie.

Security Team

Our dedicated infrastructure and security team consists of experts who have played key roles in designing and operating highly secure Internet-facing systems. With their vast experience spanning startups to large public companies, we maintain a robust defense against security threats.

Best Practices

Incident Response Plan We have established a formal procedure for handling security events and educated our staff on our policies. In the event of a security event, our emergency alias is immediately alerted, and our teams promptly assemble to address the issue. Post-event, we conduct a thorough post-mortem analysis, which includes a review of the incident, distribution of findings across the company, and implementation of action items to improve detection and prevention. LeadPie promptly notifies you in writing upon verification of a security breach that affects your data. Our notification includes a description of the breach and the status of our investigation.

Build Process

Automation We have implemented automation to ensure safe and reliable deployment of changes to our application and operating platform. With frequent deployments throughout the day, we can swiftly address security fixes when required. Our infrastructure is hosted on the secure Google Cloud Platform, leveraging their disaster recovery capabilities to ensure data integrity.

Infrastructure

All LeadPie services and data are hosted on the Google Cloud Platform (GCP) infrastructure, benefiting from its robust security measures. GCP provides physical security, environmental controls, and disaster recovery solutions. We utilize a backup solution for datastores that contain customer data, ensuring data redundancy and resiliency.

Data

LeadPie services and data are stored exclusively on Google Cloud Platform (GCP) servers located in secure data centers. Customer data is stored in multi-tenant datastores, ensuring logical separation and privacy controls to prevent unauthorized access. LeadPie engages certain subprocessors to process customer data, as listed in our Subprocessors List.

Data Transfer

We prioritize secure data transfer and employ encryption to protect data in transit. All data sent to or from LeadPie is encrypted using industry-standard protocols. LeadPie API and application endpoints are SSL/TLS only, and we maintain strong cipher suites and security features for secure communication. Data at rest is encrypted using industry-standard encryption algorithms.

Authentication

LeadPie operates exclusively over HTTPS, ensuring secure communication between our platform and users. We enforce two-factor authentication (2FA) and implement strong password policies to protect access to cloud services.

Permissions and Admin Controls

LeadPie provides granular permission settings to manage user access, including app settings, billing, user data, and message management. You have control over assigning specific permissions and access levels to team members, ensuring data security and privacy.

Application Monitoring

We maintain comprehensive audit logs for all activities within the LeadPie application, enabling detailed analysis, monitoring, and auditing. Access to production consoles and actions within the LeadPie application are logged, ensuring accountability and traceability.

 

Security Audits and Certifications

LeadPie implements technologies that provide an audit trail for infrastructure and application security. Google Cloud Platform (GCP) undergoes rigorous security audits and holds industry-leading certifications, ensuring compliance and adherence to the highest security standards.

 

Customer Responsibilities

As a LeadPie user, you have certain responsibilities to ensure the security of your account and data:

  • Managing user accounts and roles within the LeadPie platform
  • Protecting your account and user credentials, including enabling two-factor authentication (2FA) for all employees accessing LeadPie
  • Complying with the terms of your services agreement with LeadPie and applicable laws
  • Promptly notifying LeadPie