We pledge to keep your data secure, follow security best practices, and never sell or share your data with any third party.
We use a reputable third party vendor (approved by Google) to perform a yearly security audit. The audit includes application penetration testing (for the extension), external penetration testing (for the cloud infrastructure) as well as a comprehensive review of our cloud setup, security protocols and security measures that we have in place. Feel free to reach out to inquire about the details of the audit.
We’ve designed Bardeen so that your app data never touches our servers. The data exchange happens directly between your browser and the integrated third-party application.
This allows us to keep our cloud infrastructure minimal and scalable, and your data safe.Bardeen doesn’t store data from connected applications (such as your calendar, email or any other) in the cloud. The data is persisted in the local browser storage, and never on our cloud servers. No third-party or website can access information stored in your browser unless someone compromises your computer itself.
If you are using our paid services, and chosen to run your Automations or Autobooks even when your browser is closed, then part of your automations would be running on our server infrastructure. In this case, an instance of Bardeen would be created every time your automation condition is met (eg. when an e-mail arrives) in order to run your playbook (eg. send me a slack message). Contrast to your browser Bardeen instance, a cloud instance of Bardeen has no storage capabilities, meaning that once your playbook has finished running, all of your data are erased.
To allow you to access your automations and account settings from different browsers, we store the following data on our servers:
Your connected apps & and configurations to access them
Your custom Playbook and Autobook data
This information is securely exchanged between your client and our servers using industry-standard technologies and protocols.
We hate to see our users go. You can remove all your data from Bardeen with a few clicks from the settings page. Learn more here.
To build a product that people love, we need to understand how our users use it.We collect basic information such as how many active users we have, Playbooks people use, and the errors that happen to fix them.
The usage information we collect does not include any user data.
For example, we may store the fact that a user ran a Playbook that saves events from Google Calendar to Notion. But none of the information about the event itself (like subject, date, participants, etc) or data related to Notion (name of the database, column names in the database etc.) is ever collected.
We use Posthog to store usage information (number of Playbooks and Autobook executions, integration activation, etc).
We use Sentry to store anonymized error and crash reports.
The information that we store is anonymized. We strip out any data the user enters (such as command or Playbook parameters) and only store the command that was executed along with the corresponding timestamp.
Bardeen uses the following Chrome Extension Permissions only for the purposes described.
activeTabs and tabs
history and bookmarks
Bardeen uses TLS 1.2 for securing in-transit data as well 256-bit AES encryption at rest on our cloud infrastructure.
Infrastructure as code: all our infrastructure services are deployed using declarative configuration, all changes are versioned and stored.
All code changes undergo a peer-review.
The code is automatically scanned for known security vulnerabilities and patches are applied in a timely manner.
Please send any security related information or inquiries (including vulnerability disclosures) to email@example.com