Slemma understands that the confidentiality and integrity of our customers' information is vital to their business operations. This is why the security of our client's information is our top priority. We use a multi-layered approach to protect valuable information that comes through Slemma. By constantly monitoring and improving our application, we are able to meet the growing demands of security and keep our client's sensitive information private.
Slemma has privacy and security-conscious policies that apply to all of our information handling practices. Learn more
Slemma uses Amazon Web Services, a top-tier data center, protected by industry-standard security measures. You can read more about Amazon Web Services here.
All data is transmitted via SSL encryption so nothing is ever exposed. When you access Slemma, SSL technology protects your information using both server authentication and data encryption. This way, only people with permissions will have access to your data.
All payment-related services are provided by Stripe, which is widely regarded as one of the most reliable payment processors in the industry. Slemma does not have access to any of your sensitive payment information.
Since we connect directly to your databases, we will never store any of your data. This means that each time you build or view a chart, Slemma runs a query that only pulls what is needed for that visualization.
Slemma connects to your databases with read-only permission, this way your data isn't vulnerable to change. The information in your database can not be altered from inside Slemma. You can choose to connect to a local database, using the reverse SSH tunnel, so your data resides behind a secure firewall and you never have to open a port. For databases that support SSL encrypted connections, Slemma will also accept an SSL certificate.
To improve performance, we only cache the returned results of any query that is used to generate a chart. This cache is only temporary and the duration can be changed in settings.
Slemma also connects to cloud storage and third-party services. Similar to database connections, we are sending queries directly to these services whenever the chart is rendered. Slemma receives data from your services through the secure permission process (oauth or API secret key) built into the service. Slemma will not be able to access your data unless authorized and will only import the data selected by the user. You can revoke Slemma's access at any time.
In Slemma, you can set user roles and permission levels. Admins and Editors can create charts from shared data sources. However, only Admins manage users and billing information. Viewers are able to see shared dashboards but are unable to create or edit charts. You can read more about our permissions levels here.
Slemma is a cloud service, however we offer a self-hosted version of Slemma. Drop us a line at firstname.lastname@example.org if you want Slemma to be installed on your servers or on a private cloud.
Have a question about Slemma security? Email us at email@example.com