Toggle menu
PlatformGamificationTemplatesFlowSalesforceSecurityAnalyticsDocs
Sign inGet started

Security

Security and Data Protection

OK | Flows is designed to protect form data in transit and during processing with practical controls for production workflows.

SOC 2 Type II

Compliant

GDPR

Compliant

HIPAA

Available

99.9% Uptime

SLA Backed

Transport and Delivery

  • HTTPS is required for browser and API traffic.
  • CloudPage webhook payloads can be signed and verified to prevent tampering.
  • Replay protection can be enabled to reduce duplicate processing risk.

Data Handling

  • Form owners control form structure, mappings, and destination configuration.
  • Draft capture can be enabled to preserve partial progress.
  • Operational cleanup jobs should be configured to avoid stale draft accumulation.

Operational Recommendations

  • Rotate secrets regularly and avoid committing credentials to source control.
  • Use least-privilege credentials for external services and integrations.
  • Log delivery errors and monitor failures to detect integration drift early.

Data Privacy

OK | Flows does not sell or share respondent data with third parties. All data processing is governed by our Privacy Policy.

Security inquiries

For compliance questionnaires or security reviews

Contact Security