When you're in the business of building native integrations with third-party platforms, safeguarding data isn't just a line item—it's a complex, critical task. The challenge multiplies with the variety of attack vectors that come into play. But worry not; we've got you covered. 

At Truto, we do more than just meet your data security expectations; we take it as our core responsibility. In this post, we'll walk you through the multilayered security measures we've implemented to ensure the privacy and security of your customers' data.

Truto does not store your customer's data

Truto does not retain your customers' data. All data is fetched and transmitted in real time without being stored on our servers, enhancing both the security and integrity of the data. This approach not only ensures that you always receive the most current, just-in-time information but also significantly reduces the risk of data breaches and unauthorized access, offering your customers an added layer of protection.

Limit scope

With Truto, your customers have the power to define the exact scope of data they wish to share, ensuring limited and secure access.

Tailored Permissions

RapidForm is our turnkey solution that lets your customers grant access only to specific files or pages within their databases. For instance, a customer can limit access to Notion pages with specific tags.

Business Verification

We rigorously vet every business on our platform to prevent business identity theft and protect end-users from inadvertently connecting their third-party applications to unauthorized entities. Learn more.

Add your OAuth credentials

Truto provides an OAuth app for you to get started quickly. Additionally, if you would like to use your own OAuth app, you can key in your credentials and Truto will use your OAuth app thereafter.

Regional Token Storage

Truto gives you the flexibility to store access tokens, API keys, team member data, and basic connection information in a region of your choice. Learn more here.

Self-hosting/On-premise Deployment

Truto allows for hosting options within your own VPC (Virtual Private Cloud) ensuring that your customer's data never leaves your VPC. This feature is available on specific plans. See all pricing plans.

Robust Encryption

All stored tokens are safeguarded using AES-256 encryption standards.

API Logs

Truto offers detailed logging of all API requests, with a retention period of up to 180 days.

Compliance

Truto meets SOC 2 Type 2 and HIPAA compliance standards and is GDPR and HIPAA certified.

To sum it up, your peace of mind is our priority. We don't just offer tools for seamless integrations; we've built a fortress of data security measures to keep your information and that of your customers safe. From tailored permissions to robust encryption, from zero data storage to compliance with key industry standards, Truto is designed to be a trustworthy partner in your business journey.

Thank you for entrusting us with your integration needs. Feel free to reach out to us at [email protected] with any questions or for more information.