Security controls built for customer data, team access, and reliable operations.
Zudo is built to protect customer data with layered safeguards, limited access, and practical operational controls designed for a modern SaaS workflow.
Scoped access and customer workspace isolation
Read-only Gmail permissions for supported email workflows
Monitoring, logging, and recovery procedures across production operations
Trust snapshot
Clear guardrails for customer data
Public-facing details stay concise here, and we can share deeper documentation during customer security review when needed.
Encrypted data
Customer data and integration secrets are protected in transit and at rest.
Read-only Gmail access
Mailbox access is limited to read-only scopes for supported email workflows.
Workspace isolation
Customer access is scoped to the appropriate workspace or organization.
Operational monitoring
Alerts, logging, and recovery workflows support reliable day-to-day operations.
Data handling
Controls that map to real customer concerns
The goal is straightforward: protect sensitive information, reduce unnecessary retention, and keep access intentionally narrow.
In transit
Traffic between users, integrations, and Zudo is encrypted in transit.
At rest
Customer data and integration secrets are encrypted at rest, and sensitive credentials are protected before storage.
Sensitive data minimization
We limit stored sensitive data where possible and apply automated redaction and filtering to supported ingestion paths.
Retention
Operational logs are retained for a limited period, and older derived data is reduced or removed according to internal retention policies.
Application security
Guardrails throughout the product surface
The application layer focuses on scoped access, verification, and prevention measures that reduce the chance of accidental or unauthorized exposure.
Authentication
User sessions and API access are authenticated separately, with controls to prevent misuse across access methods.
Tenant isolation
Application access is scoped to the appropriate workspace or organization to prevent cross-customer data exposure.
Browser protections
The app sends standard browser security protections, including content restrictions and anti-clickjacking controls.
Abuse prevention
Rate limiting and related guardrails help protect the platform against automated abuse and unexpected traffic spikes.
Integration verification
Incoming webhooks and third-party integrations are validated before processing where the provider supports verification.
Monitoring
Security-relevant events are logged, alerts are monitored, and sensitive values are scrubbed from diagnostics where possible.
Gmail access
Minimal permissions by design
gmail.readonly
userinfo.email
We request read-only access. Zudo cannot send emails, delete messages, modify labels, or make changes to your mailbox.
Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Customer controls
You control the connection lifecycle
Disconnect
Turn off any integration from Settings. Syncing stops immediately.
Delete
Request data deletion in-app or via [email protected]. We handle requests through an internal deletion workflow.
Export
Need a copy of your data? Email us and we'll provide it.
Platform safeguards
Operations built for reliability, not heroics
The infrastructure side is intentionally boring: managed systems, edge protection, monitoring, and controlled rollout procedures.
Managed infrastructure
Zudo runs on managed cloud infrastructure with network-level protections and restricted access to production systems.
Edge protection
Traffic is protected at the edge, and the platform is monitored for uptime, abuse, and anomalous behavior.
Change management
Changes go through controlled build and deployment workflows with health checks and rollback procedures.
Subprocessors
Core service providers
We work with a small set of established providers for infrastructure, authentication, analytics, and operational support.
| Provider | Purpose |
|---|---|
| AWS | Core infrastructure, storage, and email delivery |
| Clerk | Authentication and user management |
| Cloudflare | Edge network and traffic protection |
| OpenAI | AI-powered product features |
| Better Stack | Logging and incident monitoring |
| PostHog | Product analytics |
Need more detail?
Security review support
We can share additional details, answer security questionnaires, and walk through deletion or access controls with your team.