Web application access
All access to the Bump by Userfeed website is restricted to HTTPS encrypted connections. User passwords are encrypted via the
bcrypt password hashing algorithm. Passwords are never stored in the database in plaintext and are therefore not accessible by staff.
Application data is stored in Amazon Web Services (“AWS”) infrastructure and is protected by Amazon’s security and environmental controls. Additional details about Amazon's security measures can be found here and here.
Payment processing and storage
We do not store or process any payment data. All payments made to Userfeed go through our payment partner, Stripe. Details about their security setup and PCI compliance can be found at their security page.
Intercom data access
All Intercom data is retrieved via Intercom's API using a secure connection and a unique access token, which Intercom provides when you authorize our application. The unique access token is encrypted at rest. All data sent to Intercom is encrypted in transit.
When you authorize Bump by Userfeed to connect to your Intercom account, you give us access to the following entities: admins (teammates), conversations, companies, contacts, and tags.
Within those entities, we store the following data:
ID, state (open, closed, snoozed)
Note that the data we actually store is a subset of that which we have to access in order to deliver our product. When retrieving data from Intercom's API or receiving it via Intercom webhook notifications, any data provided by Intercom that is not explicitly listed above is not stored by Userfeed.
Have a question or concern? Please email us at firstname.lastname@example.org