At LizaAI, the safekeeping of your data is a top priority. We strive to implement industry best practices for security in every aspect of our application.
|Information we access
|Calendar — zero knowledge
|In order to enable scheduling services, we access your Google Calendar through Google's API. We only read and store your availability data. We never read or store the information about events on your calendar.
|Email and contacts — zero knowledge
|We never read or store your emails or contacts.
|We let you log in using your Google account through a secure OAuth connection. We don't have access to your Google password, and we only gain access to the Google services you authorize us to access.
|Data and hosting
|We host our servers and databases at DigitalOcean. DigitalOcean provides a 99.99% uptime guarantee, and is certified on multiple international standards, including SOC 1 Type II, SOC 2 Type II, ISO/IEC 27001, and PCI-DSS. DigitalOcean backs up our database on a regular basis.
|When someone schedules a meeting with you through our scheduling widget, we put an event on your Google Calendar for you.
|LizaAI uses and requires HTTPS to encrypt your data while it's in transit between your browser and our servers.
|We have countermeasures in place against techniques such as Cross-site scripting (XSS) and Cross-site request forgery (CSRF) attacks.
If you have a question or suggestion, or if you think you have found a security vulnerability, please don't hesitate to contact us at [email protected]. We assure you that our ego is much smaller than our desire to improve.