Skip to main content
All CollectionsYour accountSecurity
How Geckoboard protects your data
How Geckoboard protects your data

Your data is our most critical asset. We protect it with robust security practices and rigorous compliance with regulations.

Updated over a month ago

Security and Privacy are a top priority for us. Thousands of customers trust us with their data, and Geckoboard takes this responsibility seriously.

Compliance

We adhere to rigorous security measures and employ industry-accepted security controls and privacy frameworks to maintain the platform's security and compliance with industry regulations.

We are PCI DSS compliant and certified by Cloud Application Security Assessment (CASA).

Data minimization

We also embrace the “data minimization” principle, limiting information collection (particularly personal information) to what is directly relevant and necessary to accomplish the specified purpose: displaying your key metrics. Therefore, data from integrations typically consists of meta-data.

Encryption

All communication between your computer and Geckoboard is encrypted using HTTPS (256-bit TLS). This is the same level of encryption used by banks and financial institutions, and it is designed to prevent third parties from seeing sensitive information you send to/receive from Geckoboard.

We also encrypt data at rest. For example, when you connect a service to Geckoboard, we encrypt the credentials using AES-GCM cipher.

Further security resources

We recommend reading our detailed security documentation to learn more about Geckoboard’s security framework, processes and features.

To learn more about how personal data is processed (in the context of the EU GDPR, the UK GDPR, the FADP, the UK Data Protection Act 2018, US State Privacy Laws or any

applicable implementation), check our DPA.

Did this answer your question?