When you connect Geckoboard to a third party service we store credentials that allow us to fetch data from that service. We use these credentials to continuously update your dashboards with the latest information available. If the third party service allows us to choose how much of your data we can access, we will always request the minimum amount of data necessary to configure widgets and update your dashboards.

We encrypt credentials for these services with the AES-GCM cipher before storing them in our database, and we use a different 256 bit encryption key for each service.

Usage of these encryption keys is controlled by a tool called Vault (developed by HashiCorp) that we run within our infrastructure. Vault acts as a gatekeeper, ensuring that only specific applications within our system are allowed to access your data. Vault has been audited several times by independent security experts, and we closely monitor announcements from HashiCorp to ensure we’re always running the most secure version of Vault. See “Application, Systems and Software Security” for more details.

Did this answer your question?