You control whether or not your App stores data collected from the end-user. If you decide to store end-user data, we provide you with industry-standard security measures.
By default, your Apps store end-user data via the Responses tab:
Under the Responses tab, you will find data collected from each App session (every time someone uses your App, whether or not it is in Test Mode, you create a "session" of data).
The Responses tab is not a suitable way to store end-user data for any other reason besides testing your App (i.e. "debugging" your App). The typical use-case for the Responses tab is as follows: While your App is in Test Mode, you run through it and are surprised to see that some piece of conditional logic didn't work as you expected, so you look up the Response data from that session to confirm how each variable was defined in your session (which may lead you to conclude there is something wrong with your conditional logic).
You can turn off this feature via the App Builder under Settings > Data Storage:
Note: turning off this feature will make it significantly more difficult to "debug" your App.
The best way to store end-user data is with a Workbase where you control exactly what data is being stored.
For both Workbases and the data stored under the Responses tab, we employ industry-standard security measures similar to those used by companies like Dropbox and Google. Thousands of lawyers and dozens of bar associations trust Community.lawyer to collect, store, and transfer sensitive data.
Here is a breakdown of our data security measures:
Any data your app collects is encrypted in transit from the end-user's machine to our servers via Transport Layer Security (TLS).
You data is stored using Amazon Web Services (AWS). AWS infrastructure is designed to meet the requirements of the most security-sensitive organizations in the world. AWS data centers are managed in accordance with leading data security standards, including SOC 1 - 3, PCI DSS Level 1, and ISO 9001 / ISO 27001.
Webhooks allow you to send data from your app to an outside database (or other web apps). Community.lawyer apps can send these requests over Hypertext Transfer Protocol Secure (HTTPS), which means data is encrypted in transfer.