Security & Compliance
Data protection
| Feature | Description |
|---|---|
| Encryption at rest | All data stored in encrypted databases |
| Encryption in transit | HTTPS/TLS for all communications |
| Credential storage | OAuth tokens and API keys encrypted separately from application data |
| Session management | Secure session tokens with automatic expiration |
Access controls
| Control | Description |
|---|---|
| Role-based access | Owner, Admin, Editor, Viewer roles with scoped permissions |
| Workspace isolation | Each workspace is fully isolated (no data sharing between workspaces) |
| Connection security | OAuth and API key connections are workspace-level, not user-level |
| Audit trail | Execution history logs every workflow run with full input/output |
GDPR compliance
| Feature | Description |
|---|---|
| Cookie consent | TinyForms supports GDPR cookie consent banners |
| Data collection disclosure | Forms can display privacy policies and terms |
| IP collection | Optional (can be disabled per form) |
| Location collection | Optional (can be disabled per form) |
| Data export | All data can be exported for subject access requests |
| Data deletion | Records can be deleted from tables and form responses |
Webhook security
| Feature | Description |
|---|---|
| Unique URLs | Each webhook gets a unique URL containing an unguessable 128-bit token |
| IP filtering | Restrict which IPs can call your webhook |
| HMAC signatures | Verify webhook authenticity with HMAC-SHA256 signatures |
| HTTPS only | All webhook endpoints use TLS |
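
How IP filtering and HMAC-SHA256 verification combine on the receiving side, as an added example that is not the product's own code. It assumes the signature is the hex-encoded HMAC-SHA256 of the raw request body under a per-webhook shared secret; the function names, secret, payload and CIDR range are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample values; the secret, CIDR range and payload are not real.
SECRET = b"example-shared-secret"
ALLOWLIST = ["203.0.113.0/24"]  # documentation range (RFC 5737)
BODY = b'{"event":"form.submitted","id":42}'


def sign_body(secret: bytes, body: bytes) -> str:
    """Sender side: hex HMAC-SHA256 over the exact bytes being sent."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def ip_allowed(source_ip: str, allowlist: list[str]) -> bool:
    """True if source_ip parses and falls inside an allowlisted CIDR range."""
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return False
    return any(addr in ipaddress.ip_network(cidr, strict=False) for cidr in allowlist)


def verify_webhook(secret, body, received_sig, source_ip, allowlist) -> bool:
    """Receiver side: reject on source IP first, then on signature mismatch."""
    if not ip_allowed(source_ip, allowlist):
        return False
    if not received_sig:  # signature missing or empty
        return False
    expected = sign_body(secret, body).encode()
    candidate = received_sig.strip().lower().encode()
    # compare_digest avoids leaking the match position through timing.
    return hmac.compare_digest(expected, candidate)


if __name__ == "__main__":
    sig = sign_body(SECRET, BODY)
    print("valid request:", verify_webhook(SECRET, BODY, sig, "203.0.113.7", ALLOWLIST))
    print("tampered body:", verify_webhook(SECRET, BODY + b" ", sig, "203.0.113.7", ALLOWLIST))
    print("unlisted IP:  ", verify_webhook(SECRET, BODY, sig, "198.51.100.9", ALLOWLIST))
```

The signature covers the raw bytes, so a body that is parsed and re-serialized before verification (different whitespace or key order) will fail the check even when its content is unchanged.
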
Integration security
- OAuth2 tokens auto-refresh without exposing credentials
- API keys are never exposed in workflow exports or shared links
- Connections can be tested and re-authorized without affecting running workflows
- Deleting a connection immediately invalidates all workflows using it
Best practices
- Use least privilege: give team members the minimum role they need
- Rotate API keys: update external API keys periodically
- Review connections: audit App Authorizations quarterly
- Monitor execution history: check for unexpected workflow runs
- Test with test credentials: never use production API keys during development
Warning
Execution history stores full input/output data for every workflow run. Be cautious about placing sensitive data (PII, passwords, payment details) in workflow variables, because those values are recorded in execution history and visible to all workspace members.