Compliance & data privacy
Arrows is SOC 2 Type II and GDPR compliant, with third-party audits confirming our security practices annually.
Our SOC 2 report is available in our Trust Center and has zero exceptions, demonstrating our commitment to security and data protection.
Enterprise-ready security features
RBAC
Leverage role-based access to control who on your team has access to specific features.
SSO (enterprise only)
Manage user authentication with SAML single sign on and keep access grants up-to-date with SCIM.
Audit logs (enterprise only)
Track, monitor, and search in-app user activity. Export reports and alerts to your preferred tools.
Still have questions?
Can’t find the answer you're looking for? Email us any time: help@arrows.to.
Yes, Arrows is SOC 2 Type II compliant. Our application and security practices undergo hundreds of daily automated tests to ensure consistent compliance and are regularly assessed by a third party auditor. A copy of our most recent SOC 2 report is available in our trust center.
Arrows data is stored in PlanetScale. You can view an updated list of our subprocessors here.
Yes! You have full control over Arrows plan and room access. Depending on your security needs, you can choose between an open link available for anyone or restrict access permissions further.
Yes, Arrows is GDPR compliant. We outline all our data processing measures in our Data Processing Addendum.
Arrows follows all best practices for interacting with your HubSpot data, including only requesting permissions for data that we need. All data is accessed securely using HubSpot's API and we encrypt your access tokens. Additionally, Arrows is certified by HubSpot which requires an in-depth technical review by HubSpot's team of developers.
