Data encryption
In transit
All communication between your browser and Script.it is encrypted using HTTPS with TLS 1.2 or higher. This applies to every request — API calls, file uploads, webhook payloads, and everything in between.At rest
Data stored in Script.it is encrypted at rest. This includes scripts, session files, and any credentials you’ve connected through integrations.Credential security
When you connect an integration — Slack, Gmail, Google Sheets, or any other service — Script.it stores the access credentials in encrypted form. Your credentials are never exposed in plain text, and they’re never included in script source files or chat history. To revoke access for an integration at any time:- Go to Settings → Integrations.
- Find the integration you want to disconnect.
- Click Disconnect.
Isolated run environments
Every session runs in its own isolated environment. This means:- Concurrent sessions don’t interfere with each other.
- Runtime files are scoped to the session that produced them.
- Script source and run output are stored separately.
Workspace backups
Your Script.it data — scripts, session history, trigger configurations, and connected integrations — is automatically backed up. You don’t need to configure anything for backups to work.Infrastructure
Script.it runs on Google Cloud. The infrastructure includes redundancy at multiple levels and automatic failover, so a failure in one component doesn’t bring down your automations. Scheduled triggers and webhook triggers are designed to continue operating even during maintenance windows.If you have specific compliance requirements or questions about data handling, contact support@script.it.