Security you can trust
Built from the ground up with security in mind. Your data stays protected with enterprise-grade encryption and access controls.
TL;DR: OAuth secured. Tokens encrypted. Built for production.
We never store your Airtable data. We only store encrypted OAuth tokens needed to authenticate with Airtable on your behalf.
OAuth 2.0 + PKCE
We use the industry-standard OAuth 2.0 flow with Proof Key for Code Exchange (PKCE) for secure authentication. Your Airtable credentials never touch our servers.
Encrypted Token Storage
All OAuth tokens are encrypted at rest using AES-256 encryption. Tokens are stored in isolated, encrypted databases with regular key rotation.
Least Privilege Access
We only request the minimum Airtable permissions needed for each feature. You can review and revoke access at any time from your Airtable settings.
Complete Audit Logs
Every action in BaseKit is logged with timestamps, user IDs, and IP addresses. Business plans get full access to audit logs for compliance requirements.
Transparency
Clear documentation of exactly what data we access and why. No hidden data collection. You can request a full export of your data at any time.
SOC 2 Type II
Our infrastructure is SOC 2 Type II compliant with continuous monitoring. Regular third-party security audits and penetration testing.
Compliance & Certifications
GDPR Compliant
Full compliance with European data protection regulations
CCPA Ready
California Consumer Privacy Act compliance
HIPAA Eligible
Available for Business plans with BAA
Data Residency
Choose between US and EU data centers
Infrastructure
Encrypted at Rest
All data encrypted using AES-256
TLS 1.3
All traffic encrypted in transit
99.9% Uptime SLA
Enterprise-grade reliability
DDoS Protection
Cloudflare enterprise protection