Privacy and Security

Data Collection, Processing and Storage for Portant Workflow

Portant takes the privacy and security of customer data in our cloud-based platform very seriously. Portant Workflow identifies data in two categories: Metadata and “Operating Data”.
‍
‍Metadata includes file names, Google Form questions, spreadsheet headers (the first row of a Google Sheet), HubSpot Property names, reference fields, data merge settings, email templates, and usernames (email address). Portant Workflow only collects metadata from Google Workspace for the purpose of managing and maintaining the application.
‍
‍Operating Data includes the data used to customise output documents, such as Google Form responses, Google Sheet rows, HubSpot Object Data and Google Docs and Google Slides templates. Portant Workflow stores this data for the period of automation process. Once an automation is completed the operating data originating from the source is discarded unless the user has selected otherwise.

All communication between Portant Workflow and Google Workspace is done via secure protocols (SSL, TLS) and authenticated with Google via OAuth 2 standards.

The metadata stored by Portant is encrypted at rest. After written termination of the service, all user data is deleted from the platform. Portant’s servers are deployed on the market leading cloud providers (Google Cloud Platform). These services provide the highest level of security by default. These data centers are highly secure and are replicated across multiple locations to ensure resiliency and rapid failover in a disaster situation.

Portant Security Summary:
- Portant only stores operating data from Google Workspace for the period a workflow automation.
- Portant only stores metadata for the purpose of functionality
- Portant uses a market leading cloud provider with the top security standards running the latest security patches.
- Servers are hosted in secure data centers in geographically dispersed locations. The data center provider is SOC2 compliant.
- Portant Workflow is secured through the Google Cloud Platform infrastructure
- All signup and login access is managed through Google. Portant doesn’t store any of your passwords.

Data Collection, Processing and Storage for Portant Data Merge

Portant takes the privacy and security of customer data in our cloud-based platform very seriously. Portant Data Merge identifies data in two categories: metadata and operating data.
‍
‍Metadata includes file names, Google Form questions, spreadsheet headers (the first row of a Google Sheet), data merge settings, email templates, and usernames (email address). Portant Data Merge only collects metadata from Google Workspace for the purpose of managing and maintaining the application.
‍
‍Operating Data includes the data used to customise output documents, such as Google Form responses, Google Sheet rows, and Google Docs and Google Slides templates. Portant Data Merge does NOT collect or have any visibility on the operating data transmitted via the data merge process or from customer’s connected Google applications.

All communication between Portant Data Merge and Google Workspace is done via secure protocols (SSL, TLS) and authenticated with Google via OAuth 2 standards.

The metadata stored by Portant is encrypted at rest. After written termination of the service, all user data is deleted from the platform. Portant’s servers are deployed on the market leading cloud providers (Amazon Web Services and Google Cloud Platform). These services provide the highest level of security by default. These data centres are highly secure and are replicated across multiple locations to ensure resiliency and rapid failover in a disaster situation.

Portant Security Summary:
- Portant never stores operating data outside of Google Workspace
- Portant only stores metadata for the purpose of functionality
- Portant uses market leading cloud providers with the top security standards running latest security patches.
- Servers are hosted in secure data centres in geographically dispersed locations. The data centre provider is SOC2 compliant.
- Portant Data Merge is secured through the Google Workspace Environment, users need to ensure they mutually supporting security controls within Google.