Back to home

Security

Last updated: March 4, 2026

Inboxee handles sensitive email and LinkedIn data for outbound sales teams. Security is foundational to how we build and operate the platform. Here is how we protect your data.

Encryption

  • In transit: All data is encrypted using TLS 1.2+ between your browser, our servers, and third-party integrations
  • At rest: All stored data is encrypted using AES-256 encryption
  • Credentials: Email account credentials and API keys are stored using industry-standard vault encryption, never in plaintext

Access Controls

  • Role-based access: Workspace permissions ensure team members only see the data they need
  • Authentication: Secure login with support for strong passwords
  • Internal access: Inboxee employees follow least-privilege access principles. Access to production data is logged and audited

Infrastructure

  • Hosted on industry-leading cloud infrastructure with SOC 2 certification
  • Automated backups with point-in-time recovery
  • Network isolation and firewalls between services
  • DDoS protection and rate limiting
  • Regular security updates and patching

Data Handling

  • Minimal retention: Email and message content is stored only as long as needed for sync and display. We do not retain data beyond its operational purpose
  • No selling: We never sell your data to third parties
  • No training: Your email content is not used to train AI models. AI labeling processes data in real time without persistent storage of model training data
  • Deletion: When you disconnect an account or delete your Inboxee account, associated data is removed within 30 days

Third-Party Integrations

When you connect third-party services (Gmail, Outlook, LinkedIn, HubSpot, Slack, etc.), we use OAuth 2.0 where available and request only the minimum permissions required. We do not store third-party passwords. Integration tokens are encrypted and can be revoked at any time by disconnecting the integration.

Incident Response

We maintain an incident response plan for security events. In the event of a data breach that affects your information, we will notify affected users within 72 hours in compliance with applicable regulations.

Responsible Disclosure

If you discover a security vulnerability in Inboxee, please report it to [email protected]. We take all reports seriously and will work to address confirmed vulnerabilities promptly.

Questions

For security questions or concerns, contact us at [email protected].