Security

Protocols, Passwords and APIs

HTTPS is the secure version of HTTP and means all communications between your browser and the website are encrypted. All access to the Align.ly website is restricted to HTTPS encrypted connections.

User passwords are secured with BCrypt. Passwords are never stored in the database in plain-text and are not readable by Align.ly employees. Passwords do provide access to the Align.ly website and it is the responsibility of the end user to protect their password with care. If you feel as though your password has been compromised, please reset your password immediately.

Integration with your Salesforce account is done via API keys. All data retrieval from Salesforce is done with your unique access token over a secure connection with Salesforce's API.

Employee Access

Align.ly employees do not have access to your Align.ly account unless required to resolve a support case. In instances where staff must access your Align.ly account in order to perform support, we will get your explicit consent each time, except when responding to a critical security issue or suspected abuse. When working a support issue we do our best to respect your privacy as much as possible and only access the minimum data needed to resolve your issue.

Credit Card Protection

When you purchase Align.ly your credit card data is not transmitted through nor stored on our systems. All credit card transactions are done through Stripe, a leader in payment processing. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available. Read more about Stripe's security in Stripe's Integration Security Guide.

Questions or Concerns?

We take security and privacy very seriously. If you have questions or concerns, please do not hesitate to contact us at support@align.ly.