Security

How we protect your data

Encryption & Data Protection

In Transit

All data in transit uses TLS 1.3 encryption, ensuring secure communication between your devices and our servers.

At Rest

Sensitive data is encrypted using AES-256, the industry standard for data at rest.

Architecture & Access

Isolated Processing

Each migration runs in isolated processing environments, preventing cross-contamination between customer data.

Third-Party Integrations

CRM credentials and authentication tokens are never stored on our servers. Nango handles all credential management securely.

No Data Retention Post-Migration

Your CRM data is not retained after migration completion unless you explicitly request otherwise. Migration data is deleted 30 days post-completion.

Authentication & Credentials

We use industry-standard practices for authentication and credential management. Your passwords and API keys are never stored in our database. All credential exchanges happen through encrypted, secure channels.

Infrastructure & Compliance

Hosting

QuillSwitch runs on Vercel's enterprise infrastructure, which maintains SOC 2 compliance and operates GDPR-aligned data centers.

Database

Account data is stored in Supabase, which provides enterprise-grade security with automated backups and disaster recovery.

Certifications in Progress

We are actively working toward SOC 2, GDPR, HIPAA, and ISO 27001 certifications to meet the highest industry standards.

Incident Response

We maintain comprehensive incident response procedures to quickly address any security concerns. If you discover a security vulnerability, please contact us immediately at paul.aqua@quillswitch.com.

Questions?

For detailed security questions or to discuss your specific compliance requirements, reach out to us at paul.aqua@quillswitch.com.