SECURITY

‍‍Publication date: OCTOBER 2024

File Systems & Communication

‍All access to the Boxsy website is restricted to HTTPS encrypted connections. All data retrieval is done with your unique access token over a secure connection through Nango.

Boxsy's passwordless authentication utilizes email-based magic links and Multi-Factor Authentication (MFA) mechanisms, such as Time-Based One-Time Password (TOTP). In addition, Boxsy supports OAuth logins. All authentication and authorization mechanisms are secured via Stytch.

Integration with your accounting or CRM account is done via Nango.

‍Employee Access

‍No Boxsy staff will access your business metrics unless required for support reasons. In cases where staff must access business metrics in order to perform support, we will get your explicit consent each time, except when responding to a critical security issue or suspected abuse.When working on a support issue, we do our best to respect your privacy as much as possible, we only access the minimum data needed to resolve your issue.Finally, it’s worth noting that Boxsy staff is quite small, limiting the number of individuals who would provide you support.

‍Credit Card Safety

‍When you purchase a paid Boxsy subscription, update credit card information through Chargebee or update any billing information, your credit card data is not transmitted through nor stored on our systems. Instead, we depend on Stripe, a company dedicated to this task. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available. Stripe’s security information is available online.

‍Contact Us

‍Have a question or concern? Please email us at support@boxsy.io.