Browse our guides or talk to our team.
Gliffy aims to help every team solve problems and collaborate visually, which means that sometimes your diagrams may contain sensitive information. We care about your data and privacy, so we’re committed to making diagramming with Gliffy as easy as possible, without compromising on security.
Gliffy is owned by Perforce Software, so certain policies and practices (ie: Business Continuity Plans) are informed by or aligned to their company-wide policies.
Read on to learn more about our policies and commitments to your security or jump ahead to one of the following sections:
No personal information (billing information) is stored within Gliffy.
We do not sell or share your personal information.
Information about your session (browser type and IP) when you use the Online or Atlassian application can be used to help us troubleshoot technical problems. This information is stored, but the oldest data is overwritten by current data. Only engineering staff are permitted access to server logs to resolve issues.
Gliffy is a web-based application. Gliffy does not store your diagram data on a local device. When you choose to store your diagram, your diagram data and your preferences are not stored on Gliffy servers. Diagram data stored in the following applications and cloud services are covered by their respective privacy policies:
If an error condition occurs, Gliffy typically will send an error report back to the servers. The information collected for troubleshooting does not contain personal information or complete diagram data.
Gliffy Support will only access customer information when necessary, to resolve an open ticket.
If you want to access, review, or delete your personal information and communication, please request assistance at https://www.gliffy.com/support/request-support.
All customer data is encrypted using HTTPS over Transport Layer Security (TLS) 1.2 or higher.
All document content is encrypted at rest with AES-256. The encryption is transparent; keys are managed by our cloud infrastructure provider.
All payments made for Gliffy Online use www.stripe.com (PCI Certified). For additional information, please visit https://stripe.com/privacy No credit card data or payment related information is stored on Gliffy systems.
Gliffy servers and customer data are hosted on Amazon Web Services (AWS). Information about AWS Security can be found here: https://aws.amazon.com/security/.
At Perforce facilities, appropriate physical security is maintained and measured to ensure the safety and protection of employees, company assets, and Customer Data.
The Gliffy development team closely reviews all code before it is released. Developers inspect the logic and data information flows of new feature to ensure no security vulnerabilities are introduced. Unit tests are also developed and run to ensure the application does not behave in an unexpected way.
Perforce works with third-party service providers and vendors that will have access to Gliffy Data and conducts a risk assessment of the data security practices of each third-party. Periodic reviews of each third-party to ensure their data security practices continue to meet the necessary requirements.
Periodic training occurs on security issues and how to prevent/mitigate for continuous improvement.
Perforce maintains separation of duties to prevent end-to-end control of a process by one individual.
Perforce has an employee termination process the covers timeframes for termination of logical and physical access, including procedures to collect any devices or equipment containing Perforce data.
Perforce maintains a business continuity plan to manage and minimize the effects of unplanned disruptive events (cyber, physical, or natural).
Perforce follows guidelines and recommendations from GDPR with regards to all the data and information handled, processed, and stored by Gliffy.
Feel free to contact us with additional questions.