Security and Privacy Practices

Our commitment

At LizaAI, the safekeeping of your data is a top priority. We strive to implement industry best practices for security in every aspect of our application.

Information we access
Calendar — zero knowledge In order to enable scheduling services, we access your Google Calendar through Google's API. We only read and store your availability data. We never read or store the information about events on your calendar.
Email and contacts — zero knowledge We never read or store your emails or contacts.
Secure authentication We let you log in using your Google account through a secure OAuth connection. We don't have access to your Google password, and we only gain access to the Google services you authorize us to access.
Data and hosting
DigitalOcean We host our servers and databases at DigitalOcean. DigitalOcean provides a 99.99% uptime guarantee, and is certified on multiple international standards, including SOC 1 Type II, SOC 2 Type II, ISO/IEC 27001, and PCI-DSS. DigitalOcean backs up our database on a regular basis.
Google When someone schedules a meeting with you through our scheduling widget, we put an event on your Google Calendar for you.
Encryption LizaAI uses and requires HTTPS to encrypt your data while it's in transit between your browser and our servers.
Protecting you
Countermeasures We have countermeasures in place against techniques such as Cross-site scripting (XSS) and Cross-site request forgery (CSRF) attacks.

We're here for you

If you have a question or suggestion, or if you think you have found a security vulnerability, please don't hesitate to contact us at [email protected]. We assure you that our ego is much smaller than our desire to improve.