How BombBomb Protects Your Data

Overview

At BombBomb, trust is foundational to everything we do. This article explains the security measures, infrastructure safeguards, and compliance standards we maintain to keep your data safe.

Who this applies to: All users, IT administrators, and security reviewers

Plan requirement: Core, Core + Copilot, Enterprise


Encryption

All customer data is encrypted both at rest and in transit.

At rest: Databases, file storage, and backups are protected using AES-256 encryption.

In transit: All communication between systems is secured using TLS 1.2 or higher.


Access Control

BombBomb enforces strict access policies across all internal systems:

  • Role-based access ensures employees can only access the systems and data necessary for their role.
  • Multi-Factor Authentication (MFA) is required for all internal access.
  • Access permissions are reviewed regularly and adjusted based on role and need.

Infrastructure & Redundancy

BombBomb is built on top-tier cloud infrastructure designed for reliability and resilience, including high-availability architecture, automatic failover mechanisms, and redundant backups. These safeguards help us maintain maximum uptime and service continuity.


Compliance & Privacy

BombBomb's data handling practices align with leading industry standards and regulations, including SOC 2, the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).

For full details on how we collect, use, and protect personal information, review our Privacy Policy.


Monitoring & Incident Response

Our security team proactively monitors systems to detect and respond to threats. This includes continuous monitoring for unauthorized or suspicious activity, a formal incident response plan to quickly contain, investigate, and resolve security events, and transparent communication procedures in the event of a data-related issue.


Need More Information?

For organizations seeking additional technical details, we're happy to share our Information Security documentation under a mutual Non-Disclosure Agreement (NDA).