Security built into every layer of the sync.
StackSync moves data between your systems of record, so the security posture is the product. Here is how data is protected, and how we support your GDPR obligations as an EU-based provider.
What protects your data.
Encrypted in transit and at rest
Data is encrypted on the wire and at rest using industry-standard protocols. StackSync does not retain or permanently store your records once a sync operation completes, which keeps exposure low by design.
Choose where data is processed
Select processing regions and cloud providers to meet data-residency requirements. This matters for teams that must keep records within a jurisdiction.
Audit logs and monitoring
Every record change is logged. Continuous monitoring, audit trails, and real-time alerts let you detect and respond to unexpected activity, and replay or revert records when something goes wrong.
SSO and role-based access
Connect StackSync to your identity provider (Okta, Azure, or Google SSO) and control configuration through role-based permissions, so only authorised people manage integrations.
Standard protocols your team already manages.
StackSync connects over SSL-encrypted connections, SSH, VPC links, and OAuth 2. You do not have to open broad network access or hand over standing credentials to use it.
How we approach regulation.
As a company established in Poland and operating in the EU, StackSync is built to support your obligations under the General Data Protection Regulation (GDPR). We act as a data processor for the records you sync, we offer a Data Processing Agreement, and we maintain a list of sub-processors on request.
For teams in regulated industries, the controls above (regional processing, encryption, audit logging, and least-privilege access) are intended to help you meet internal control requirements such as those framed by SOC 2 or sector rules like HIPAA. We describe these as capabilities you can configure, not as a substitute for your own compliance assessment. If you need specific documentation for a security review, get in touch and we will walk through it.
Bring us your questionnaire.
Send your security or procurement questions and we will answer them directly, with documentation where you need it.