Overview
Security and data retention
Overview
Security and data retention
Conductor’s security and data retention policies.
Temporary data storage
- Conductor does not permanently retain your end-user data (such as QuickBooks Desktop data).
- For operational purposes, API request logs, which include end-user data, are temporarily stored securely in a SOC 2 compliant log manager for 14 days before permanent deletion.
- The logs are encrypted at rest using AES-256 and in transit using HTTPS/TLS.
- The logs are stored in certified data centers located in Germany and Finland within the EU.
- Access to these logs is strictly limited to authorized Conductor engineers, who use them solely for debugging, customer support, and product improvement.
Permanent data storage
- The only data Conductor stores permanently pertains to managing and authenticating your Conductor account, connections, end-users, API keys, and projects. This does not include any end-user data.
- This data is stored in a centralized SOC 2 compliant database hosted by AWS in the US West (Oregon) region. There is no physical or logical separation of customer data within the database.
- The database is encrypted at rest and requires SSL/TLS encryption for all connections.
- Access to the database is strictly limited to authorized Conductor engineers.
API request security
- All API requests to Conductor are authenticated using an API key and restricted to HTTPS.
- Data in transit is encrypted, and requests are processed through our SOC 2 compliant backend hosted by AWS in the US West (Oregon) region.
Security and compliance
- SOC 2: Conductor is actively working toward achieving its SOC 2 certification, implementing and monitoring the necessary measures to meet the Security, Availability, and Confidentiality Trust Service Criteria. We have engaged an independent AICPA-accredited auditor to formally assess and report on Conductor’s controls.
- Conductor’s Trust Center monitors our progress toward SOC 2 compliance.
- Conductor’s Privacy Policy outlines our data handling practices.
Data subprocessors
Conductor subprocessors are third-party entities authorized to process data to support Conductor services in accordance with our service agreements. Conductor requires each subprocessor to meet specific contractual obligations to ensure they enforce security controls and comply with data protection regulations.
| Subprocessor | Function | Location |
|---|---|---|
| Better Stack | Logging manager for ingesting, parsing, and querying API request logs for debugging, offering customer support, and product improvement purposes. Retains end-user data for 14 days before deletion. | Germany, Finland |
| Neon | Postgres database hosting (using AWS underneath) for managing customer data, such as for authentication, connections, and account management. Does not store any end-user data. | Oregon - US West (AWS) |
| Render | Compute instance hosting (using AWS underneath) for running Conductor’s core API services. Processes and transmits end-user data as needed to authenticate, process, and fulfill customers’ API requests. | Oregon - US West (AWS) |
| Sentry | Application monitoring and error tracking. Captures diagnostic data and metadata around application errors and performance issues. May include limited customer data if present in error contexts. | Iowa, U.S.; Frankfurt, Germany |
| Vercel | Web app hosting for Conductor’s web user interfaces. Does not directly process or store customer and end-user data. | N. California - US West (AWS) |