FluxCascade
FeaturesConnectorsPricingDocsBlog

Getting Started

  • Introduction
  • Quick Start
  • Core Concepts

Integrations

  • Overview
  • HubSpot
  • Jobber
  • Pipedrive
  • Salesforce

Field Mappings

  • Creating Mappings
  • Field Transformations
  • Bidirectional Sync
  • Conflict Resolution

Syncing Data

  • How Syncs Work
  • Scheduling
  • Webhooks
  • Error Handling

API Reference

  • Overview
  • Authentication
  • Connections
  • Mappings
  • Syncs
  • Webhooks

Guides

  • All Guides
  • HubSpot + Jobber
  • Deals to Jobs
  • Address Mapping

Security

  • Data Privacy
  • Encryption
  • Compliance

Support

  • FAQ
  • Troubleshooting
  • Contact Us

Compliance

FluxCascade maintains compliance with industry standards and regulations to ensure your data is handled securely and responsibly.

Certifications & Standards

SOC 2 Type II

FluxCascade is SOC 2 Type II certified, demonstrating our commitment to:

  • Security – Protecting against unauthorized access
  • Availability – System uptime and reliability
  • Confidentiality – Protecting confidential information
  • Processing Integrity – Accurate and complete processing
  • Privacy – Proper handling of personal information

Our SOC 2 report is available to customers and prospects under NDA. Contact security@fluxcascade.com to request.

GDPR

For users in the European Union, we comply with the General Data Protection Regulation:

RequirementHow We Comply
Lawful BasisConsent and legitimate interest
Data MinimizationOnly collect necessary data
Right to AccessData export available
Right to ErasureAccount deletion available
Data PortabilityConfiguration export
Breach Notification72-hour notification process
DPA AvailableStandard DPA for customers

CCPA

For California residents, we comply with the California Consumer Privacy Act:

  • Right to Know – Disclosure of data collected
  • Right to Delete – Account and data deletion
  • Right to Opt-Out – We don't sell personal information
  • Non-Discrimination – Equal service regardless of privacy choices

HIPAA

For healthcare customers handling Protected Health Information (PHI):

  • Business Associate Agreement (BAA) available
  • Encryption meets HIPAA requirements
  • Access controls and audit logging
  • Breach notification procedures

Contact compliance@fluxcascade.com for BAA requests.

Data Processing Agreements

We provide Data Processing Agreements (DPAs) that cover:

  • Nature and purpose of processing
  • Types of personal data
  • Categories of data subjects
  • Sub-processor list
  • Security measures
  • Audit rights
  • Data transfer mechanisms

Request a DPA: legal@fluxcascade.com

Sub-Processors

We use the following sub-processors:

Sub-ProcessorPurposeLocation
Cloud Infrastructure ProviderHosting and computeUSA / EU
Database ProviderData storageUSA / EU
Email Service ProviderTransactional emailUSA
Analytics ProviderProduct analyticsUSA
Support PlatformCustomer supportUSA

Subscribe to sub-processor updates: compliance@fluxcascade.com

Data Residency

Default

Data is processed and stored in the United States.

EU Data Residency

Enterprise customers can request EU data residency:

  • Processing in Ireland/EU region
  • Data never leaves EU boundaries
  • Compliant with GDPR data localization requirements

Contact sales for EU data residency options.

Security Questionnaires

We can complete security questionnaires including:

  • SIG (Standard Information Gathering)
  • CAIQ (Consensus Assessments Initiative Questionnaire)
  • Custom vendor security assessments

Request at security@fluxcascade.com

Audit Rights

Enterprise customers have:

  • Right to audit (with reasonable notice)
  • Access to third-party audit reports (SOC 2)
  • Compliance documentation

Incident Response

Our incident response process:

Detection

  • 24/7 monitoring
  • Automated alerting
  • Security event logging

Response

  • Immediate investigation
  • Containment measures
  • Root cause analysis

Notification

  • Customer notification within 72 hours for data breaches
  • Regulatory notification as required
  • Post-incident report

Recovery

  • Service restoration
  • Preventive measures
  • Documentation updates

Vendor Security

We assess third-party vendors for:

  • Security certifications
  • Data protection practices
  • Contractual security requirements
  • Ongoing compliance monitoring

Employee Security

Our team follows security practices:

  • Background checks for employees
  • Security training
  • Access control (least privilege)
  • Secure development practices
  • Regular security awareness training

Penetration Testing

  • Annual third-party penetration tests
  • Continuous vulnerability scanning
  • Bug bounty program for responsible disclosure
  • Prompt remediation of findings

Responsible Disclosure

Found a security issue? We appreciate responsible disclosure:

Email: security@fluxcascade.com

We commit to:

  • Acknowledging reports within 24 hours
  • Providing updates on remediation
  • Not pursuing legal action against good-faith reporters
  • Recognition (if desired) for valid reports

Documentation

Request compliance documentation:

  • SOC 2 Type II Report
  • Data Processing Agreement
  • Security Whitepaper
  • Penetration Test Summary

Contact compliance@fluxcascade.com

Related

  • Data Privacy – How we handle your data
  • Encryption – Technical security measures
  • Terms of Service – Legal terms
  • Privacy Policy – Full privacy policy
FluxCascade

The modern data integration platform. Connect your systems, sync your data, automate your workflows.

Product

  • Features
  • Pricing
  • Connectors
  • Changelog

Resources

  • Documentation
  • API Reference
  • Guides
  • Blog

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service

Connect

  • Twitter
  • GitHub
  • Discord
  • LinkedIn

© 2026 FluxCascade. All rights reserved.

PrivacyTermsSecurity