Security

Details on Fillout's security practices.

Fillout is specifically designed for intaking customer data securely. We follow industry best practices to keep your responses secure and let you backup responses to third-party services and databases. We also offer an optional self-hostable agent to prevent customer form responses from ever passing through or being stored on Fillout servers.

Data we collect and store

Infrastructure and network security

Security is a top priority for us and we take the following measures to keep your data and account secure.

Hosting

Fillout is hosted on Google Cloud Platform (GCP, via render.com) and our GCP/render.com servers are located in the United States and the European Union (EU). EU servers are only used if requested by the customer. GCP data centers have state-of-the-art physical access controls, logical access controls, and frequent third-party independent audits. Google has published a detailed security whitepaper outlining these measures.
Fillout.com employees have as-needed access to infrastructure on render.com. All employees have dedicated user accounts and access infrastructure via two-factor authentication.

Encryption

All data in transit is encrypted over HTTPS/TLS between you and Fillout.com's servers. All data is replicated for durability.

Application security

Two-factor authentication and single sign-on

Fillout.com supports G Suite SSO, allowing customers to enforce that users sign in using customer-managed identity providers. Two-factor authentication for application login can be enforced at the identity provider level (e.g. by turning it on within G Suite).
Contact us to enable other SSO providers, like Okta, Active Directory, or other SAML providers.

Business continuity and disaster recovery

Business Continuity

Fillout.com keeps daily and point-in-time encrypted backups of data on render.com. While never expected, in the case of production data loss, we are able to restore customer data from these backups.

Disaster Recovery

In the event of a region-wide outage, Fillout.com will bring up a duplicate environment in a different Google Cloud Platform region. Fillout.com infrastructure is designed to be portable and restorable under different regions.

How to report vulnerabilities

You can email security<@>fillout.com with details on any security vulnerabilities you discover.