At Unito, keeping your data & syncs secure is a top priority. Here are the steps we undertake and policies we enforce to ensure that your connections and data are fully safe.
We use the OAuth standard to authenticate you and get permission to access your apps. We never get your passwords, and you can revoke access anytime, easily. We are bound by the permissions/access rights of the OAuth user you designate for synchronization; thus we recommend dedicated accounts for complete control.
While we sync your task data, we don't store it in any legible or usable form. Here's a breakdown of how we process the different types of data from the apps we synchronize:
- Task data: To precisely detect modifications in each app, we compute checksums of field data and store only those checksums. It is impossible to get the original task data from the checksums: your task data itself is never stored by us.
- User data: To accurately associate users in each app (and synchronize assignees for example), we store the names and emails of project collaborators.
- File data: We never access your file data (e.g. task file attachments). Attachments are (optionally) synchronized by exchanging links to the files, not by copying actual file data. Read more on how we synchronize file attachments.
- Credentials: We never ask for your password (see OAuth above) and your OAuth access tokens are fully encrypted (see Encryption below)
Infrastructure & Network
Contact us for more information on our security practices and policies.