// security

Built on a foundation
of trust.

Your NetSuite credentials and financial data are sensitive. We built SuiteCollector with security as a foundational requirement, not an afterthought.

// practices

How we keep
your data safe.

Per-Team Encryption

Your NetSuite credentials are encrypted at rest using team-specific keys derived through a key derivation function. No shared secrets between tenants.

OAuth 2.0

We connect to NetSuite using OAuth 2.0 authorization. Your NetSuite password is never stored or transmitted through SuiteCollector.

Role-Based Access

Team owners control who can access what. Invite members, assign roles, and ensure only authorized users view sensitive data or modify workflows.

Data Isolation

Each team's data is completely isolated. Multi-tenancy is enforced at the application layer — teams can never access another team's data.

Secure Infrastructure

Runs on encrypted infrastructure with HTTPS on all connections. Database backups are encrypted and access is restricted to essential personnel only.

Audit Trail

All dunning actions, workflow executions, and configuration changes are logged. See who did what and when for full accountability.

// netsuite data handling

What we sync. How we protect it.

01

What we sync

Customer records, invoices, credit memos, and payment history from your NetSuite instance. We only read the data necessary to power collections workflows.

02

How we connect

Connections use NetSuite's SuiteTalk REST API and RESTlet endpoints via OAuth 2.0. All API calls use HTTPS. We recommend a dedicated integration record with minimum required permissions.

03

Credential storage

Your Client ID, Client Secret, access token, and refresh token are encrypted using a per-team key from a key derivation function. Credentials are never exposed in logs, API responses, or error reports.

04

Data retention

If you cancel, your data is retained for 30 days to allow reactivation, then permanently deleted. You can request immediate deletion at any time.

// security questions

Want to dig deeper?

We’re happy to discuss our security practices in detail.

Contact us