We get questions about our data security practices and compliance measures so we wanted to share a bit more about that here.
The Basics
We're a small early-stage team, so we're focused on the core product right now and have plans to look into additional compliance features like certifications as we grow. Our founding team includes engineers who worked at Coinbase and Uber, so we take user security seriously and think about it in every aspect of the product.
If you notice a security issue or have a question or concern, you can reach out to us at security@linear.app and we'll respond as soon as possible. We do not have a bug bounty program.
Common Questions
Who is your cloud infrastructure provider and what region is your instance located?
Who are your sub-processors of data?
Is your data encrypted?
Do you provide OAuth, SAML or advanced authentication controls?
In the login with GSuite, by disabling a GSuite account, will that automatically log them out of Linear?
Is there any way to disable the ability for certain people to generate personal API keys in the paid plan?
Could you share any details around your practices for reacting to security incidents?
Do you offer permissions or admin roles?
On the paid version, who has control over setting up and using integrations?