Jam.dev
HelpLoginSign up for free
  • Documentation
  • Guides
  • Website
  • Support
  • Pricing
  • Download extension
  • Download Jam for iOS
  • Get started
    • Welcome to Jam
    • Getting started
    • Creating a Recording Link
    • Creating a Jam
    • Team Setup and Integrations
  • Request a Jam
    • Recording Links
      • How to Use Recording Links
      • Setting up Recording Links with console logs, network requests
    • Jam for Customer Support
      • Getting started with Jam.js
      • How to integrate Jam with Intercom Fin
  • Record a Jam
    • Jam AI
    • Incognito Sessions
    • Instant Replay
      • Performance
      • Privacy
      • iFrame & canvas support
    • Jam for iOS
      • iOS Shortcuts for Jam
      • Setting up logging in iOS
      • Enabling Taps and Gestures on iOS Screen Recording
    • Keyboard shortcuts
    • Mobile inspector
    • Video Screen Recording
      • Desktop Recording
      • Video blur
      • Video annotations
    • Screenshot
      • Full screen screenshot
      • Screenshot hover states
    • Browser support
  • Debug a Jam
    • AI Debugger
    • DevTools
      • Secrets
      • Network req/resp bodies
      • GraphQL
      • Jam.Metadata
    • MCP
  • Integrations
    • Asana
    • Azure DevOps
    • ClickUp
    • Figma
    • Fullstory
    • GitHub
    • GitLab
    • Jira
    • Linear
    • LogRocket
    • Notion
    • Sentry
    • Slack
  • Administration
    • Team Workspaces
    • Workspace Visibility
    • Access Controls
    • Members and Roles
    • Security
    • SSO
    • Audit Logs
  • Company
    • Mission and Values
    • Security, Privacy and Compliance Policy
    • AI Policy
Powered by GitBook
On this page
  1. Company

Security, Privacy and Compliance Policy

PreviousMission and ValuesNextAI Policy

Last updated 1 year ago

Was this helpful?

LogoLogo

Product

  • Docs
  • Download extension
  • Pricing
  • Support

Company

  • Blog
  • Careers
  • Privacy
  • Security

Resources

  • Dev utilities
  • System status
  • Terms
CtrlK
  • SOC 2 Type II Compliance
  • Infrastructure
  • Does Jam backup data?
  • Frequency Retention period
  • Encryption
  • Securing our cloud environment
  • What are Jam’s practices for reacting to security incidents?
  • Has Jam deployed firewalls and intrusion detection and prevention systems in your environment?
  • How often is Jam performing vulnerability scans and penetration tests on your own infrastructure?
  • Who should I reach out to if I have a security question about Jam?

Was this helpful?

Jam’s data privacy and security practices adhere to rigorous enterprise standards. Our infrastructure, data policies and internal corporate processes have been run through extensive security tests by third-party auditors.

Our security policies are supported by quarterly vulnerability tests, and annual exercises as dictated by SOC 2 Type II requirements.

Read more about Jam's security practices and compliance measures below.

SOC 2 Type II Compliance

Jam is SOC 2 Type II compliant. We are happy to share our SOC 2 Type 2 report with qualified customers. You can email [email protected] to request the report.

Infrastructure

Jam uses Google Cloud Platform as the cloud provider to store data. For GCP, we use the Central US region. Jam uses Cloudflare for CDN. The Chrome extension is distributed through Google’s Chrome app store.

Does Jam backup data?

Yes. Our data retention period depends on the frequency of the snapshots.

Frequency Retention period

Frequency
Retention period

Hourly

2 days

Daily

7 days

Weekly

4 weeks

Monthly

12 months

Encryption

Yes. Data is encrypted at rest (AES-256) and in transit (HTTPS/TLS).

Securing our cloud environment

Access to our cloud services, source code, third-party tools etc. are secured with 2FA.

What are Jam’s practices for reacting to security incidents?

We take security very seriously. We review security issues as soon as we learn about them. We let our users know if they are affected by any security incident.

Has Jam deployed firewalls and intrusion detection and prevention systems in your environment?

Jam uses Cloudflare as a mechanism to prevent attacks on our environment, as well as have firewalls and controls within our GCP project. However it does not have an IDS or IPS running in our production network because the network is fully operated by GCP.

How often is Jam performing vulnerability scans and penetration tests on your own infrastructure?

Jam is using GitHub to store our source code. GitHub provides a vulnerability feed of issues that become known in third party software dependencies used by our source code.

Who should I reach out to if I have a security question about Jam?

If you notice a security issue or have a question or concern, you can reach out to us at [email protected] and we'll respond as soon as possible. Currently, Jam does not have a bug bounty program.