Book Demo
Documentation

Data Privacy & Policies

How Colby handles, encrypts, and protects your data at every step — from your browser to Salesforce and back.

Zero Data Retention

All session data is deleted after each session ends. Colby does not persist your Salesforce data.

Colby operates on a zero-retention model. When your session ends, all temporary data associated with that session is permanently deleted. Your Salesforce data is never stored in our systems beyond the duration of an active session.

Encryption

Encryption In Transit

All communication between the Chrome extension and backend uses TLS/HTTPS. In addition, Colby implements per-session encryption using ECDH key exchange with AES-256-GCM, providing an extra layer of transport security beyond standard TLS.

TLS/HTTPS Required

All connections enforce TLS — no plaintext communication is ever accepted.

End-to-End Encryption AES-256-GCM

Per-session ECDH key exchange establishes a unique encryption channel for each session, with AES-256-GCM providing authenticated encryption.

Encryption At Rest

Any temporary session data stored during active use is encrypted using AES-256-GCM with keys managed by Google Cloud KMS following the envelope encryption pattern. Encryption keys are automatically rotated and never stored alongside the data they protect.

Session Isolation

Each user session operates in a fully isolated environment. There is no data sharing between sessions or between users. When a session ends, all associated data is permanently purged.

Sessions are fully isolated — no data crosses session or user boundaries.

Authentication

Colby uses industry-standard authentication protocols to verify identity and manage sessions:

  • Salesforce OAuth 2.0 — with support for External Client Applications (ECA) for secure CRM access
  • Google OAuth — for user identity verification
  • JWT tokens — for secure session management with automatic expiration

Log Sanitization

All system logs automatically redact sensitive data before writing. This includes tokens, email addresses, phone numbers, and any other personally identifiable information. Logs are used only for system health monitoring and debugging — never for tracking user activity.

Audit Trail

All data operations — reads, writes, and updates — are logged in an immutable audit trail. This enables compliance review and provides a clear record of all actions taken by Colby on behalf of each user.

Chrome Extension Permissions

Colby requests the minimum permissions necessary to function:

  • Salesforce domains — to detect when you're on Salesforce and provide contextual assistance
  • Colby backend — to communicate with our cloud services
  • No access to browsing history, bookmarks, other tabs, downloads, or any data outside Salesforce

What Colby Can See

Colby can only see the Salesforce data that your user profile has access to. It fully respects your Salesforce role hierarchy, profile permissions, and field-level security. If you can't see a record or field in Salesforce, Colby can't see it either.

What Colby Cannot Do

Cannot delete records

Colby does not have delete access to any Salesforce records.

Cannot access data outside your permissions

Colby operates within your existing Salesforce role, profile, and permission sets.

Cannot make bulk changes without review

Large edits are staged for your explicit approval before being committed to Salesforce.

Compliance

For detailed compliance information including SOC 2 status, visit our Vanta Trust Center.

Learn More

Architecture Overview

How Colby's system is built, from extension to cloud backend.

Infrastructure & Reliability

Our GCP deployment, scaling, monitoring, and incident response.