Salesbolt delivers users a connection between CRM and browser data displaying on selected websites providing context relative to the information viewed, delivered via a Browser Extension. The Browser Extension acts as a proxy between the users Browser and Salesforce with data transmitted between systems.
Salesbolt makes use of Amazon's AWS Cloud Services to host Salesbolt's API, the services are accessed by the Salesbolt Chrome Extension to confirm the user’s rights to use Salesbolt and the user's connected Salesforce account to which Salesforce API calls are directed to and from in order to securely provide CRM connectivity via the Salesbolt .
Currently to provide the most performant global solution the Salesbolt platform utilises AWS US-East. Salesbolt has signed with Amazon the AWS Data Processing Addendum, which includes the Model Clauses (https://aws.amazon.com/compliance/eu-data-protection/).
Additional metadata such as user preference settings may also be stored. Salesbolt's servers use services such as access monitoring, firewall, threat detection, application performance monitoring and follows Amazon's best practice recommendations: Amazon (AWS) Best Practices.
The Salesbolt Chrome Extension does not grant its users any further privileges or access to Salesforce data than that of the currently logged in Salesforce. At any time a Salesforce Administrator can revoke Salesbolt access to a Salesforce account via Salesforce's connected app settings.
Application initiated requests for data access pass through multiple application levels to validate that the user is authenticated, licensed and belongs to the customer associated with the data and has the permissions to view/edit as requested. Only upon all checks being successful is data returned. Administrative access to the production environment is locked down to a few select Salesbolt employees via IP restricted VPN requiring multi factor authentication.
Client data required to deliver the service is stored for the period of the contract. Upon contract termination customer data is destroyed after 30 days. Backup data is retained for 30 days.
All application layers and processing transactions and system requests are logged and monitored. Infrastructure access and application performance is monitored by AWS Cloudwatch. All monitoring systems implement thresholds that when exceeded notify internal personnel via multiple channels 24 / 7 / 365.
To report any security concern or suspected vulnerability please contact the Salesbolt Security Team.
Salesbolt Privacy - https://www.salesbolt.com/privacy
Salesbolt Terms of Service - https://www.salesbolt.com/terms
Amazon (AWS) Compliance & Regulations - https://aws.amazon.com/compliance/eu-data-protection/
Amazon (AWS) Best Practices - https://d1.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf
Amazon (AWS) Security - https://aws.amazon.com/security/