Security
Last updated Jul 2026
1. Our approach
Security is built into Intilq from the database up — not bolted on. Here's how we protect your data and your connected accounts.
2. Data encryption
All data is encrypted in transit (TLS) and at rest. OAuth tokens are additionally encrypted at rest with AES-256-GCM.
3. OAuth & token storage
We store only the tokens needed to publish and read analytics — encrypted — and refresh them automatically.
4. Access controls
Every workspace is isolated at the database layer with row-level security, so your data is never visible to other tenants.
5. Payments
Card details are handled entirely by Stripe (a PCI-DSS Level 1 provider) — Intilq never sees or stores your full card number. We keep only your subscription status and Stripe customer ID.
6. Infrastructure & uptime
Hosted on SOC 2 compliant providers with automated backups, monitoring, and least-privilege access.
7. Compliance
We follow GDPR and CCPA principles and request only the platform scopes each integration needs.
8. Reporting a vulnerability
Found an issue? Email security@intilq.com — we respond quickly and credit responsible disclosure.