Access control

Access control

Signed URLs

When you click on specific documents or images to view the data, we return “signed urls” to you. At first, we verify that you have access to the content and then return a signed URL. The signed URL is valid for a limited duration. When the URL is sent to our data store, we verify that the URL has not been tampered with and is coming from a legitimate user.

AWS Cognito

Your login and password information is stored on AWS’s Cognito service which is secure and supports compliance for a variety of standards such as SOC2, ISO 27001 etc. You can access more information at ( ).

Every data access request you make to services is authorized via AWS Cognito. This means that no one other than you get to retrieve and view your data.

Integrations with other Applications

Wherever possible, we use the OAUTH2.0 ( authentication standard to authorize to sync your applications. This means we do not store any login credentials or passwords for any of these applications. We store the access and refresh tokens for these applications in a secure database which is encrypted. You always have the right to revoke access for to sync with these applications. For applications like WhatsApp, we get explicit two-factor consent from the user (OTP and QR code scan). The resultant session cookies are stored in a secure and encrypted form in our data stores.