Data Security and Protection Policy

Last Modified: August 9, 2024

At Cyfuno Labs, security and data protection are primary drivers in the design of our products and services. We strive to ensure that Customer Data is protected and treated securely. The Cyfuno Labs Data Security and Protection Policy summarizes the security-related aspects of our Software (as defined in the Privacy Policy). Any terms that are undefined in this Data Security and Protection Policy shall have the meanings as defined within the Cyfuno Labs Terms of Service or the Cyfuno Labs Privacy Policy. The Data Security and Protection Policy are incorporated into the Cyfuno Labs Terms of Service or the Cyfuno Labs Privacy Policy by reference.


The Cyfuno Labs Software is an add-on to Salesforce, and the Software works within your browser connected to Salesforce. The Software can only operate within the browser window in the Salesforce context. Therefore, all of the security protections afforded by Salesforce are automatically inherited by the Cyfuno Labs Software.

Data Traffic Boundaries

With all Cyfuno Labs Software, data traffic is entirely limited to between your browser and the Salesforce Trust Boundary, with no third-party servers involved. There is one exception, the MS Teams Integration, which is described further below. This data traffic is encrypted via the industry-standard SSL (Secure Sockets Layer) between your browser and Salesforce.

Data Collection

We do not collect or store Customer Data and no Customer Data passes through servers, except as disclosed within our Privacy Policy or this Cyfuno Labs Data Security and Protection Policy. Throughout our product designs, we take particular care to ensure that all our code and processes are data-independent, so as to maximize data security.

Data Privacy

We do not share any of your Customer Data submitted to the Software with any partners or others outside of Cyfuno Labs. All data access is strictly limited to qualified and experienced personnel within Cyfuno Labs.

MS Teams Integration

During your use of the MS Teams Integration, the data you chose to include while defining automations is sent from the Salesforce Trust Boundary directly to Microsoft's Graph API and Microsoft's Teams Bot Framework API.

Additionally, when the Teams Bot is added to a Microsoft Team and when Standard Channels within that Team are modified, an event payload is sent to a Google Cloud Function which adjusts the payload into a format that Salesforce can accept.

  • None of the data for this event is ever maintained in a file store, not even temporarily. The processing of this event is done entirely within the server's volatile memory.
  • All traffic occurs via the same industry-standard SSL encrypted channel that your browser uses.

Server Architecture

Our Software uses servers for:

  • delivering the software assets to your browser
  • managing and provisioning licenses
  • managing usage logs for the purposes noted above.

Our servers are located in secure hosting environments, within the Salesforce Trust Boundary with using Heroku. This ensures high redundancy and resilience.

  • To minimize intrusion and attack vectors, our servers expose the bare minimum of services to the public internet: only a web server. No other services are exposed.
  • Our server software is very lean: We do not use any publicly-available software frameworks. This has the benefit of preventing attacks that exploit known security vulnerabilities in frameworks.
  • Server operating systems receive regular software updates to ensure that they are not compromised.
  • Access to servers is limited to experienced systems professionals at Cyfuno Labs.

Sensitive Information

As noted above, we do not store any Customer Data on any of our servers, with the exception of document format conversion. Given the range of verticals and domains that we service and the nature of data in documents, we are unable to detect sensitive information in them. Consequently, we rely on you, our customers, to safeguard your data. In general, it is advisable to ensure that sensitive data is not included in generated documents, so that your security is not compromised.