Security

Grace accesses only the information required to provide its service.

  • Compliance: Grace environment is certified to the following standards:
    • ISO 27001
    • ISO 27017
    • ISO 27018
    • PCI Compliance
    • HIPAA Compliance
    • EU Model Clauses
  • All internal components of Grace Platform are hidden by Highly Available Gateway and Hardware Firewall dedicated specifically for Grace Virtual Local Area Network.
  • All Grace data is encrypted with a 1024-bit key. Grace never stores passwords of any of its clients' services, including Grace itself. All interactions with the client's email server or the client's CRM are based on the OAuth 2 protocol.
  • Data collection is protected with the SSL certificate (TLS 1.2). The connection is encrypted and authenticated with AES_128_GCM and utilizes ECDHE_RSA as the key exchange mechanism.

Information Collection

Grace does not share any of your personal or business information with third parties under any circumstances.

  • During the sign-up process, Grace explicitly provides new users with a full description of what Salesforce and Gmail information is being collected and how it will be used.
  • Grace only processes emails and events which contain business interactions with customers who are already managed inside your CRM system, and only according to user exclusions and preferences. Private emails and events (e.g. internal company emails, personal emails) are not processed.
  • At any time, users can exclude specific domains or email addresses from being processed and analyzed.
  • Additional information can be found in Grace Privacy Policy and Grace Terms of Use, which are always available for review at www.getgrace.io.

Review and Control

Grace users have a full control over and visibility into the actions Grace performs with their data.

  • Grace inherits the Salesforce user role hierarchy, so individual users can only see information permitted by their roles as set in Salesforce.
  • Users can review a detailed timeline of updates Grace makes to Salesforce.
  • Users can search the timeline of updates to verify if Grace entered a specific piece of data.
  • Users can edit or delete any update to Salesforce by Grace at any time.

Transparency with our customers is very important to us. Grace team is available at support@getgrace.io to answer any questions you may have about privacy.