All Collections
Information Security
Materials
Privacy By Design (SFDC as Core)
Privacy By Design (SFDC as Core)
Erol Toker avatar
Written by Erol Toker
Updated over a week ago

Truly was architected from day one with the Privacy By Design philosophy. This is highlighted by several core features of the system that also happen to be its differentiators.

Salesforce as core data infrastructure back-end

Unlike other tools which claim that 'Salesforce sucks at XYZ', we believed that when configured correctly (like any hosted database) it could meet the needs of most organizations.

That's why we built our analytics product as an AppExchange package that lives inside Salesforce and does all data transformation, modeling and reporting inside of your Salesforce instance.

The implications of this are that:

  1. Truly does not need direct access to your data: to deliver its analytics/automation features. If you have other tools that push the data into Salesforce, we can piggyback on those within the secure SFDC environment

  2. Truly does not need long-term access to your data: any data that is ingested by our system and pushed to Salesforce can be wiped from our system almost immediately since the data exists fully within SFDC.

  3. Truly is fully incentivized to push all data/metadata into Salesforce: in order to maximize the effectiveness of its analytics/automation software and does not require storage of your data in its own back-end

Since Salesforce is considered one of the most secure providers in the world as far as being certified to house data classified as PII (including social security numbers), PCI, HIPAA, GDPR and other sensitive content.

Our data architecture allows you to bet on this mature infrastructure, rather than a "startup".

Limited Data Import From Salesforce

We do not pull any data from Salesforce unless you are using our Voice+SMS products, and even in that case, we limited data to the minimum that is required to make our application work (Contact Name, Phone Number, Email).

This data can be retained for the duration that it is useful to your employees and wiped automatically/continuously through a data retention policy.

Beyond this, all that we store is unique SFDC record identifiers which we use to push users into the Salesforce system via opening the record in a browser window.

Did this answer your question?