Data Privacy & Security
      Back to home
      1. Help Center
      2. Data Privacy & Security

      Aptivio's Email Automation Security

      We'll go over the security protocol Aptivio follows regarding email automation.



       

      Introduction:

      This article provides a detailed overview of the security measures and data management practices implemented in our services. Covering aspects such as Single Sign-On (SSO) integrations, security compliance, data handling permissions, storage architecture, geographic location, data separation, retention policies, data deletion protocols, and access control, this document aims to assure clients of the robust security measures in place to safeguard their data.  

        

        

      1. Single Sign-On (SSO) Integrations  

      Currently, our services do not support SSO authorization. However, recognizing the importance of SSO for enhanced user experience and streamlined access management, we are actively working on implementing SSO integrations, demonstrating our commitment to evolving security standards.  

        

        

      2. Security Compliance  

      While specific Security Compliance Documents such as SOC 2 Type 2 or ISO Certifications are not currently available, our hosting provider is certified in accordance with DIN ISO/IEC 27001. This certification reflects our dedication to information security, ensuring adherence to international standards and robust protective measures for data.  

        

        

      3. Data Handling Permissions  

      Our data collection processes involve gathering and storing information from employees' LinkedIn accounts. We adhere strictly to privacy policies, handling data in a secure and confidential manner, demonstrating respect for privacy rights and compliance with data protection regulations.  

       

       

      4. Data Storage Architecture  

      Company data is securely stored in MongoDB collections, utilizing a cluster of multiple servers with a replication rate of three. This architecture ensures data durability, high availability, and effective disaster recovery mechanisms, providing a robust foundation for data storage.  

       

       

       

      5. Geographic Data Storage  

      Our database cluster is strategically located in Falkenstein, Germany, ensuring compliance with local data protection laws and regulations. This location choice reflects our commitment to strong privacy standards and legal safeguards for company data.  

        

      6. Data Separation  

      Company data is comprehensively protected through logical separation mechanisms. Each customer's data is assigned a unique identifier and stored within a well-tested framework, preventing unauthorized access and mitigating the risk of exposure to other customers' data.  

        

        

      7. Data Retention and Deletion  

      Client data is retained in our database as long as they are subscribed to our services. Upon cancellation of services, robust protocols ensure complete and permanent deletion of all users' data, aligning with strict procedures to comply with data protection regulations.  

        

        

      8. Access Control  

      Access to the production database is limited to authorized personnel, including SRE Engineers, the CTO, and Senior Developers, strictly for operational purposes. Role-based access controls and comprehensive audit logs are enforced to monitor data access, minimizing the risk of unauthorized access.  

        

        

      Conclusion - Part 1 

      This technical whitepaper establishes the comprehensive security and data management framework employed in our services. By addressing key concerns related to SSO, compliance, permissions, storage, geographic location, separation, retention, deletion, and access control, we aim to instill confidence in our clients regarding the protection of their valuable data. 

       

      Abstract - Part 2 

      This technical whitepaper provides an in-depth overview of the integration between our system and Microsoft Outlook, facilitated by Buzz (Buzz.ai), a third-party proxy. The integration enables seamless communication with Outlook's API, allowing users to authenticate, send and receive emails, and monitor campaign responses. The paper details the technical flow, authentication process, email handling, and the utilization of ChatGPT for response analysis.  

        

      1. Introduction  

      Our system relies on Buzz as a third-party proxy to interact with Microsoft's API for Outlook. The key functionalities include user authentication, email campaign setup, sending and receiving emails, and response analysis using ChatGPT.  

        

      2. Authentication Flow  

      To initiate the integration, users undergo an OAuth-based authentication process. Buzz connects with Outlook and generates a link for users to authorize the connection. After clicking the link, users grant necessary permissions in the Microsoft authorization UI, allowing our system access to the mailbox.  

        

      3. Email Campaign Setup and Execution  

      Once authenticated, the user can leverage Buzz to set up engagement campaigns. Email sending and reading are entirely handled by Buzz, following the instructions provided during the campaign design. Users include a "send email" step in the campaign, specifying subject, body, and other relevant details.  

       

      4. Monitoring Inbox for Campaign Responses  

      Buzz, with read access to the inbox, continuously monitors incoming emails during the campaign. This is crucial for identifying campaign responses. When a new campaign reply is detected, Buzz triggers a webhook containing the reply email, notifying our system.  

       

      5. Response Analysis Using ChatGPT  

      Upon receiving the webhook, our system utilizes ChatGPT for email analysis and classification. The aim is to determine the prospect's interest expressed in the reply. This analysis guides decision-making in moving the opportunity through the engagement funnel.  

        

       

       

      6. MS GRAPH API  

      Buzz.ai leverages MS Graph API. The Graph API integration enables a comprehensive view of user interactions within the Outlook ecosystem, allowing us to harness detailed insights for optimizing automation workflows. By tapping into Graph API's extensive functionalities, including real-time data access and event-driven triggers, our SaaS can synchronize seamlessly with Buzz.ai's platform. This synergy empowers our clients to not only automate intricate sequences but also glean actionable intelligence from their email campaigns. The Graph API integration acts as a force multiplier, enhancing the efficiency and effectiveness of our joint solution, ultimately delivering a more potent toolset for comprehensive sales engagement. 

       

       

      7. Conclusion  

      The integration of Microsoft Outlook with our system through Buzz streamlines the email campaign process. Authentication, email handling, and response analysis are seamlessly orchestrated, providing users with a powerful tool for effective engagement. This technical whitepaper serves as a comprehensive guide for developers and system administrators implementing and maintaining this integration.