Your data, your control
Sync or Swim is designed for teams that take data security seriously. Whether you deploy in our cloud or on your own infrastructure, you stay in control.
Data Handling
We facilitate sync - we don't need to see your data.
Configurable retention
You control how long sync payloads are stored. Choose full pass-through mode with zero retention, or keep payloads for debugging and replay. Your policy, your choice.
Encryption in transit
All connections use TLS 1.3. Data moving between your systems is encrypted end-to-end.
Credential security
Connection credentials are encrypted at rest and never logged. We use industry-standard key management practices.
Deployment Options
Choose the deployment model that fits your security requirements.
Self-hosted
Deploy on your own infrastructure. Your data never leaves your network. Full control over security policies, network access, and data residency.
Cloud-hosted
Managed deployment with isolated tenant environments. Hosted on SOC 2 compliant infrastructure with automated security updates.
Private connectivity
VPC peering, private endpoints, and IP allowlisting available for enterprise deployments.
Access Controls
Fine-grained permissions and complete audit visibility.
Role-based access
Control who can configure connections, modify mappings, and view sync logs. Separate roles for admins, operators, and viewers.
SSO & MFA
Integrate with your identity provider. Enforce multi-factor authentication across your team.
Complete audit trail
Every configuration change and sync operation is logged with full context. Exportable logs for your SIEM.
Compliance
Built with compliance requirements in mind.
SOC 2 Type II
Cloud infrastructure is SOC 2 Type II certified. Audit reports available upon request.
GDPR ready
Data processing agreements available. Self-hosted option provides full control over EU data residency.
Data deletion
Delete sync configurations and associated data on demand. No hidden retention.
Incident Response
Prepared for when things go wrong.
24/7 monitoring
Automated monitoring and alerting for security events. Dedicated on-call rotation.
Responsible disclosure
We welcome security research. Report vulnerabilities to security@syncorswim.com.
Transparent communication
In the event of a security incident, affected customers are notified promptly with clear remediation steps.
Questions about security?
We're happy to discuss your specific requirements, provide documentation, or walk through our security practices.