Question: Why do I need to grant Loop access to my accounts?
Answer: Loop provides a unified and prioritized workspace for all your meetings, messages, files and tasks from the tools you already use. In order for Loop to make your content available from your underlying providers we need permission to access that data.
Question: But why do I need to authorize you to send emails, read my files etc. on my behalf?
Answer: As a fully functional platform, Loop allows you (the user) to read, reply, edit and take other core actions with your content. Loop communicates your desired action securely to Google, Microsoft etc. on your behalf. That provider requires Loop to have permissions from you to effectuate those actions.
Question: Is my information safe?
Answer: Everything Loop does is geared towards ensuring the safety and integrity of your information. Some highlights include:
Loop never stores your user name and password. Loop users connect to third party applications (e.g. Google, Office365, Slack, Asana, Trello, Dropbox) using OAuth 2.0, an industry standard for authorizing secure access to external apps.
Users may revoke Loop access at any time and also are able to request their data be deleted.
All data in transit between users, Loop, and third party services is encrypted using 256-bit SSL/TLS. These protocols are revised as new threats and vulnerabilities are identified.
Loop divides its systems into separate networks using logically isolated Virtual Containers in Amazon Web Services data centers. Systems supporting testing and development activities are hosted in a separate network from systems supporting Loop's production services. Customer data only exists and is only permitted to exist in Loop's production network. Network access to Loop's production environment is restricted. Only network protocols essential for delivery of Loop's service to its users are open at Loop's perimeter. All network access between production hosts is restricted using firewalls to only allow authorized services to interact in the production network.
Loop never shares or transfer personal identifiable information or the content of any user's messages with any party, including the user's employers, except as required by law or as needed for the purposes of collection or related to providing Loop services to users.
Question: Are your policies and procedures documented?
Answer:
Question: How do I know you follow these policies and procedures?
Answer: Loop has been authorized by Google for restricted scope access to user information. To maintain this status, Loop is required to undergo an annual penetration test and 3rd party audit. You can see the results of the latest audit here
Other security related questions?
Get a hold of our security team: security@loophq.com
