Your Sequin database will contain the data mapped to your sync - which may include PII and sensitive information. We take the security of that data seriously.Please read about our full security practices. Here is a short synopsis of how we keep your data secure:
Authentication to your sources, both tokens and API keys, are encrypted at rest.
The Sequin application database is only accessible through a bastion host.
We only access customer databases by request or to diagnose a sync issue. All access is logged for auditing.
Sequin workers first backfill your database with all data from your source. During this backfill, Sequin will receive events as they happen to keep your data in-sync.
Data flows directly from the source, through Sequin workers, to your database. We don’t cache or store data anywhere else.
We use Sentry and Datadog for error monitoring. Sometimes errors Datadog catches will contain API response data. But these are minimized and our logs in Datadog have a shelf-life of 30 days.
If you use a Sequin hosted demo database, you are provisioned private database and a database user for you on a shared RDS instance. While Sequin shared instances are secure, we can also sync to a database you own for greater peace of mind.