Parabola empowers you to automate, document, and reduce your manual data work. While your team is building Flows, our team is keeping your data secure and private. Data security is our highest priority.
Parabola runs fully on Amazon Web Services, with servers hosted in the United States. As a cloud provider, AWS guarantees the physical and network security of Parabola’s servers and help us ensure that our server software is always up-to-date and protected from any new threats.
Parabola operates within an Amazon Virtual Private Cloud (VPC), with subnets segregated by security level, and firewalls configured to restrict network access. IAM policies are used to enforce a least privilege access model.
The most sensitive data that Parabola stores is the data that you process with Parabola (through uploading, integrating, creating, or otherwise pulling it into a Flow). We are extremely careful with that data, and it is our highest priority to ensure it is secure.
We make sure to only store the data that is required for running your Parabola Flows as long as it's needed. With the exception of files directly uploaded to Parabola, and data stored in Parabola Tables, data in a flow is stored for a maximum of 14 days, or until the next time the flow runs.
Sensitive data, like access tokens for integrations, are stored in a separate table of our production database under additional protections and more restricted access privileges. Like all data in Parabola, these are encrypted in transit and at rest.
When a step, file, Flow, user, or team is deleted, all access to its associated data and settings is also deleted. This excludes backups, which can be deleted or restored at the request of the customer who owns that particular flow. Backups are stored for a maximum of 30 days before being deleted.
Parabola regularly utilizes third-party penetration tests from trusted partners to identify and remedy any vulnerabilities.
Parabola maintains secure connections when accessing the services you have integrated with. All web-based data integrations use HTTPS, and we maintain a list of IP addresses that can be put on an accept list by the other service.
All web-based integrations that have OAuth available use it, and any that do not use the most secure form of authentication that the other service supports. Connections to databases are made through our secure VPC with private subnets.
All tokens, keys, and auth credentials are stored in a further secured portion of the database with extremely limited access. As with all data in Parabola, these are encrypted in transit and at rest.
Data sent to or from Parabola is encrypted in transit using 256 bit encryption. Our API and application endpoints use industry standard SSL/TLS 1.2+ (Secure Sockets Layer/Transport Layer Security) encryption.
Data stored by Parabola is encrypted at rest using an industry-standard AES-256 encryption algorithm.
We never store passwords in plaintext. All passwords are stored as an irreversible hash in our database.
Parabola does not sell any of your data.
Parabola collects customers' names and email addresses (during the sign up process) to use in our analytics subprocessors. Usage data from the Parabola platform is also collected and sent to our analytics subprocessors.
However, data that is uploaded, created, integrated, or otherwise pulled into Parabola and displayed as the "results" of any step is not sent to any analytics subprocessors. This data is saved and used only to ensure the functioning of the Flows that you create and use on the Parabola platform.
Parabola appreciates security researchers who find and report vulnerabilities without exploiting them. By reporting a vulnerability, you agree to our Vulnerability Reporting Terms and Conditions.