Secure Communication
All integrations and data transfers use secure, encrypted connections supported by the platforms we integrate with.
Security at Castflow
We take a practical, security-first approach when designing and operating automation systems for our clients. Our processes focus on protecting integrations, access, and data flows across the tools we connect.
Our Security Approach
Access Management
Access to project environments and credentials is restricted to authorized team members and follows least-privilege principles.
Third-Party Integrations
We integrate with official APIs and approved providers using the authentication mechanisms they provide.
Operational Hygiene
We follow standard engineering practices such as environment separation, secure secret management, and restricted production access.
Privacy & Data Handling
We process only the information required to design, deploy, and support automation workflows.
Data is not sold or shared beyond what is necessary to deliver the solution.
Data storage, retention, and security controls are governed by the policies of the third-party platforms selected by the client.
Data Retention
Project access and related data are retained only as long as necessary for delivery and support. Access can be modified or revoked upon request.
Incident Management
If a security-related issue is identified in an implementation, we work with the client to assess impact and apply corrective measures.
Shared Responsibility
- Protect credentials and API keys
- Limit admin access
- Maintain security controls on connected platforms
- Notify Castflow of suspected compromise
Security Contact
Security Contact