Site Logo

SyncRange Data Security

Last Updated: January 2026

Security

SyncRange ensures the highest level of security for your private information. We understand that when connecting your business applications, security is a top priority. The information you share with SyncRange and the data you transfer from source to destination is secured from any breaches, leaks, or unauthorized disclosures.

How we protect your data

  • Transport Security: All data transferred between your services and SyncRange is protected using strong Transport Layer Security (TLS).
  • Encrypted Credentials: OAuth tokens and other credentials are encrypted at rest using Fernet (AES-128-CBC with HMAC-SHA256).
  • No Data Storage: We don't store the actual data you're transferring—your data flows through our service to your destinations (e.g. Google Sheets, BigQuery) but isn't retained.
  • Logging: Only completion and error logs are retained for troubleshooting purposes.

Security, Privacy, and Compliance

Data Source Permissions

SyncRange only requests the minimum read or view permissions needed to fetch data from source applications. Our service won't be able to edit, update, or remove any records in your source applications.

Data Destination Permissions

SyncRange needs view, create, and edit permissions for destination applications (like Google Sheets) in order to write data, update data during refresh, and create new sheets when necessary.

Permission to Delete

SyncRange does not use permission to delete any existing sheets or data in your destination applications. You can revoke access to your source and destination apps at any time.

Credentials and Passwords

All logins, passwords, tokens, and other credentials are classified as critical data that is securely encrypted and protected from any unauthorized access.

Authentication and Access

We provide secure authentication options:

  • OAuth 2.0: Login via Google using industry-standard OAuth 2.0 protocols.
  • Secure Sessions: All user sessions are secured with appropriate timeouts and protection measures.
  • Access Controls: Users can only access their own data and connections.

Infrastructure Security

SyncRange's infrastructure includes:

  • Secure cloud hosting with industry-standard security controls
  • Regular security patches and updates
  • Network protection measures including firewalls
  • Monitoring for suspicious activities

Technical Security Details

Data Encryption and Protection

  • In transit: All data is encrypted using TLS 1.2 or higher.
  • At rest: Sensitive data (credentials, tokens) is encrypted at rest using Fernet (AES-128-CBC with HMAC-SHA256). Database and application data is stored on encrypted storage.
  • Key management: Encryption keys are stored securely and access is restricted to authorized personnel.

Data Storage Location

Our infrastructure is hosted in US East and Sydney, Australia. Contact us to discuss data residency requirements for your organization.

Access Control and Authentication

  • Multi-factor authentication (MFA) is available for all user accounts
  • MFA is required for administrative access to production systems
  • Access to production systems is restricted to authorized personnel; principle of least privilege is applied
  • Service account credentials are managed securely and rotated as needed

Incident Response and Monitoring

  • Detection: We monitor our systems for suspicious activity and security events
  • Response: We maintain an incident response process to contain and remediate security events
  • Notification: In the event of a data breach affecting customer data, we will notify affected customers in accordance with applicable law and contractual obligations
  • Post-incident: We conduct root cause analysis to improve our defenses following security events

Data Handling and Retention

  • Transfer data flows through our systems but is not stored; we don't retain the content you sync
  • Data is retained only as long as necessary to provide our services
  • Credentials and tokens are treated as sensitive data and protected accordingly
  • Customers can request data deletion at any time; we support data subject rights including access, rectification, erasure, and portability

Business Continuity

We maintain backup and disaster recovery procedures. Our infrastructure is designed for availability, and we apply security patches and updates on a regular basis. We monitor security advisories for our technology stack.

Third-Party Data Sharing

We do not sell customer data to third parties. Data is shared only as necessary to provide our services.

Compliance and Documentation

Our Privacy Policy describes our data handling practices. We can discuss data processing agreements (DPAs) and specific compliance requirements with enterprise customers upon request.

Our Commitment

At SyncRange, we're committed to maintaining the highest standards of security for your data. We regularly review and enhance our security measures to protect against emerging threats and ensure your data remains secure.

For more information about how we handle your data, please refer to our Privacy Policy and Terms and Conditions.

Security inquiries: For security concerns, enterprise security questionnaires, contact us at [email protected].

Stop Juggling Dashboards. Start Growing Get your data flowing today, free plan available.

Start Automating My Data