Security
General practices
- We stay on top of software security updates
- Access to servers and third-party tools are secured with two-factor authentication
- Passwords are hashed with a strong hashing algorithm
- Servers are accessed via SSH with a password-protected key only
- Multiple firewalls blocking unauthorized access
- Database and server backups are encrypted
- All connections going in and out of Notion Backups are encrypted
- Payment information is transmitted and processed securely in a PCI-compliant manner
Backups
Your Notion data is stored on our servers only during the backup process. Once the backup is complete and uploaded to a cloud storage provider of your choice, your data is permanently deleted from our servers.
Cloud storage accounts
You must connect to one of the available cloud storage providers to retain your backups. Currently, you can store your backups in Google Drive, Dropbox, Amazon S3, and Backblaze B2.
Google Drive and Dropbox integrations can only access the files and folders they have created, and not any other files in your account. With Amazon S3, you can restrict your IAM user's access to specific buckets only.
Disconnecting your Google Drive or Dropbox account will revoke Notion Backups' access tokens, preventing future access to your accounts. Deleting your Notion Backups account will automatically revoke access to your Google Drive and Dropbox accounts.
Disclosures
To report a security vulnerability, please reach out to security@notionbackups.com.