How does SurroundR handle security and data privacy?
How SurroundR protects your data across authentication, encryption, CRM integration, and infrastructure — from browser to database.
SurroundR is built for sales teams that work with sensitive prospect and customer data every day. Security is not an afterthought — it is part of the architecture.
Architecture overview
SurroundR is composed of isolated services that each handle a specific responsibility:
- Web application — The dashboard where you manage settings, field mappings, and team activity.
- API server — Handles all business logic, CRM communication, and authentication.
- Chrome Extension — Operates in your browser and communicates exclusively with the API server.
- Background workers — Process asynchronous tasks like data syncing.
These services are separated by design. The Chrome Extension never talks directly to your CRM — every request is routed through the API server, where it is authenticated, authorized, and logged.
Authentication
SurroundR uses industry-standard JSON Web Tokens (JWT) for authentication. Tokens are short-lived, signed with a server-side secret, and validated on every request.
When you sign in through the web dashboard, your session token is stored in a secure, httpOnly cookie that cannot be accessed by client-side scripts. The Chrome Extension authenticates via a Bearer token issued during sign-in. Both paths are verified against the same server-side JWT infrastructure.
Session tokens are versioned. If you change your password or an administrator revokes access, all existing sessions are invalidated immediately.
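One way versioned session tokens can work, as an added example (not SurroundR's own code): a per-user counter is embedded in each signed token and compared with the server-side value on every request. The `ver` claim name, the in-memory `sessionVersions` map and the function names are assumptions made for illustration.

```javascript
// Added example: versioned HS256 session tokens using only node:crypto.
const crypto = require('node:crypto');

const SECRET = crypto.randomBytes(32);            // constructed signing secret
const sessionVersions = new Map([['user-1', 1]]); // hypothetical per-user counter

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const mac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

function issueToken(userId, ttlSeconds, now = Date.now()) {
  const header = b64url({ alg: 'HS256', typ: 'JWT' });
  const payload = b64url({
    sub: userId,
    ver: sessionVersions.get(userId),             // hypothetical claim name
    exp: Math.floor(now / 1000) + ttlSeconds,
  });
  return `${header}.${payload}.${mac(`${header}.${payload}`).toString('base64url')}`;
}

function verifyToken(token, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [header, payload, sig] = parts;
  // Always verify as HMAC-SHA256; the alg value in the header is never trusted.
  const expected = mac(`${header}.${payload}`);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad signature' };
  }
  const claims = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  if (claims.exp <= Math.floor(now / 1000)) return { ok: false, reason: 'expired' };
  // A password change or admin revocation bumps the counter, so older tokens fail here.
  if (claims.ver !== sessionVersions.get(claims.sub)) return { ok: false, reason: 'revoked' };
  return { ok: true, sub: claims.sub };
}

function revokeSessions(userId) {
  sessionVersions.set(userId, (sessionVersions.get(userId) || 0) + 1);
}
```

In a multi-instance deployment the counter would live in the database or a shared cache so that every API server sees a revocation at the same time.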
Encryption
Tokens at rest — All CRM OAuth tokens are encrypted before they are stored in the database using AES-256-GCM, an authenticated encryption standard, with a unique salt and initialization vector for every operation. Encryption keys are derived using scrypt, a memory-hard key derivation function designed to resist brute-force attacks. Tokens are only decrypted in memory at the moment they are needed for a CRM API call and are never written to logs or returned to the client.
Data in transit — All communication between your browser, the Chrome Extension, and our servers happens over TLS (HTTPS). Database connections are encrypted with SSL in production. Internal service-to-service communication is secured within our hosting infrastructure.
Privacy-preserving lookups — When linking LinkedIn profiles to CRM contacts, SurroundR stores a SHA-256 hash of the LinkedIn URL — not the URL itself. This allows deduplication and matching without storing personal identifiers in the mapping table.
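The "Tokens at rest" scheme above, as an added example (not SurroundR's own code): a key derived with scrypt from a fresh salt, a fresh IV per operation, and AES-256-GCM so that tampering is detected at decryption time. The blob layout, the constructed `MASTER_SECRET` and the use of a record ID as associated data are assumptions made for illustration.

```javascript
// Added example: scrypt-derived key + AES-256-GCM with per-operation salt and IV.
const crypto = require('node:crypto');

// Constructed value; the page states real keys are supplied as environment variables.
const MASTER_SECRET = 'constructed-master-secret';
const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;

function encryptToken(plaintext, recordId, secret = MASTER_SECRET) {
  const salt = crypto.randomBytes(SALT_LEN);       // unique per operation
  const iv = crypto.randomBytes(IV_LEN);           // unique per operation
  const key = crypto.scryptSync(secret, salt, 32); // 32 bytes = AES-256 key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  // Assumption: bind the ciphertext to its row so it cannot be moved to another record.
  cipher.setAAD(Buffer.from(recordId, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  // Stored layout (hypothetical): salt | iv | auth tag | ciphertext
  return Buffer.concat([salt, iv, cipher.getAuthTag(), ct]).toString('base64');
}

function decryptToken(blob, recordId, secret = MASTER_SECRET) {
  const buf = Buffer.from(blob, 'base64');
  if (buf.length < SALT_LEN + IV_LEN + TAG_LEN) throw new Error('ciphertext too short');
  const salt = buf.subarray(0, SALT_LEN);
  const iv = buf.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = buf.subarray(SALT_LEN + IV_LEN, SALT_LEN + IV_LEN + TAG_LEN);
  const ct = buf.subarray(SALT_LEN + IV_LEN + TAG_LEN);
  const key = crypto.scryptSync(secret, salt, 32);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN });
  decipher.setAAD(Buffer.from(recordId, 'utf8'));
  decipher.setAuthTag(tag);
  // final() throws if the tag, ciphertext, salt, IV or associated data was altered.
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}
```

Because the salt and IV are random, encrypting the same token twice yields different blobs, so stored values cannot be compared to spot reused tokens.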
CRM integration
How we connect — SurroundR connects to your CRM using OAuth 2.0. When you connect HubSpot, you authorize SurroundR through your CRM provider's own consent screen. We never ask for or store your CRM login credentials.
What we access — During the OAuth flow, you review and approve the specific permissions SurroundR requests. We only request the scopes needed to read and write contacts and companies and to read and edit contact and company properties. We do not request access to your email, calendar, deals pipeline, or any data outside the scopes you approve.
What we store — SurroundR does not copy your CRM database. We do not pull down your contact lists, company records, or pipeline data. What we store is limited to encrypted OAuth tokens, CRM record IDs for linking LinkedIn profiles to the correct contact, hashed LinkedIn URLs for deduplication, and your field mapping configuration. When you click "Sync to CRM," data flows from the API server to your CRM via its official API. We act as a passthrough — we push data to your CRM, not the other way around.
Webhook verification — When your CRM sends events to SurroundR (for example, a contact deletion notification), we verify every incoming request using cryptographic signature validation to prevent spoofed or tampered calls from being processed.
Data minimization
SurroundR follows a data minimization principle — we store only what is necessary for the product to function.
- No CRM data replication. Your contacts, companies, and deals stay in your CRM.
- No personal data in mapping tables. Only IDs and hashes.
- Token-only storage for integrations. Encrypted and scoped to the minimum permissions.
- GDPR-compliant contact deletion. When a contact is deleted in your CRM, our webhook processing automatically scrubs related records from SurroundR.
Infrastructure security
- Isolated compute — Application services run in isolated containers with no shared tenancy.
- Managed database — PostgreSQL on a managed platform with automated backups, encryption at rest, and network-level access controls.
- Environment-level secrets — Encryption keys, API credentials, and signing secrets are stored as environment variables, never in source code or configuration files.
- Content Security Policy — The web application enforces CSP to prevent cross-site scripting and unauthorized resource loading.
- CORS restrictions — The API server only accepts requests from known, allowlisted origins.
Monitoring and incident response
- Error tracking with PII-aware filtering ensures sensitive data does not leak into logs or monitoring dashboards.
- Webhook idempotency prevents duplicate processing of CRM events.
- All authentication and authorization events are logged for audit purposes.
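Webhook verification and webhook idempotency, both described above, combined in one added example (not SurroundR's own code). It assumes a generic HMAC-SHA256 scheme over `timestamp.body` with a shared secret; the field names, the five-minute window and the in-memory `seenEventIds` set are illustrative, and a CRM provider's real signature format should be taken from its documentation.

```javascript
// Added example: verify a signed webhook, reject stale deliveries, process each event once.
const crypto = require('node:crypto');

const WEBHOOK_SECRET = 'constructed-webhook-secret'; // constructed value
const MAX_SKEW_MS = 5 * 60 * 1000;                   // assumed freshness window
const seenEventIds = new Set(); // stand-in for a unique-keyed table or TTL store

function sign(rawBody, timestamp, secret = WEBHOOK_SECRET) {
  return crypto.createHmac('sha256', secret)
    .update(`${timestamp}.${rawBody}`)
    .digest('hex');
}

function handleWebhook({ rawBody, timestamp, signature }, now = Date.now()) {
  // The timestamp is covered by the signature, so it cannot be refreshed by a replayer.
  if (!/^\d+$/.test(String(timestamp)) || Math.abs(now - Number(timestamp)) > MAX_SKEW_MS) {
    return 'stale';
  }
  const expected = Buffer.from(sign(rawBody, timestamp), 'hex');
  const given = Buffer.from(String(signature), 'hex');
  // Length check first: timingSafeEqual throws on buffers of different length.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return 'bad-signature';
  }
  // Parse only after verification, from the exact bytes that were signed.
  const event = JSON.parse(rawBody);
  if (seenEventIds.has(event.eventId)) return 'duplicate';
  seenEventIds.add(event.eventId);
  // ...the deletion scrub or other processing would run here...
  return 'processed';
}
```

Verification runs over the raw request body rather than a re-serialized object, because re-serializing can change byte order or whitespace and break a valid signature.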
Good to know
- SurroundR never stores your CRM contact data — only encrypted tokens, record IDs, and hashed LinkedIn URLs.
- All encryption and access controls are active by default. There is nothing you need to configure.
- If you have security questions or need information for a vendor assessment, contact us at support@surroundr.io.
