Thousands of companies around the world benefit from Nintex’s Workflow platform and Document Generation applications. Nintex is committed to maintaining the security and reliability of all our products.
Your privacy comes first
Accessible and secure
Responsible and transparent
Privacy and compliance
Data and content
Nintex maintains high level security of the Nintex Workflow platform. All of our security controls and risk analysis focus on protecting customer data and content. Nintex has implemented Data Security and Software Development guidelines to standardize our product development and data handling processes and procedures. These guidelines include protections for OWASP Top 10 security flaws, recommendations for avoiding cloud security threats, and secure software development lifecycle processes. We review and, if necessary, update, these guidelines regularly to reflect the current threat landscape and known vulnerabilities.
Customers retain ownership of – and responsibility for – the data and other content they input in the design and publication of Nintex workflows and Nintex forms. Our End User License Agreement (pdf) and Subscription Agreement (pdf) provide additional information regarding these obligations.
Nintex Workflow platform users can only access data within their customer tenant or organization-hosted solution. The Nintex Workflow platform segregates customer tenant data and processes according to multi-tenant data architecture best practices, which in some software elements includes separate data stores per tenant.
Data in transit
Nintex solutions use the TLS protocol for data and communications security whenever possible.
Nintex appreciates responsible reporting of potential security vulnerabilities. If you’ve identified a potential security vulnerability in the Nintex Workflow platform, please report this potential vulnerability as soon as possible to Nintex Security. We will work with you to verify and mitigate the vulnerability.
In such instances, we request that you comply with the following guidelines.
- Make a good faith effort to avoid data destruction, misappropriation of content, privacy violations, and interruption or degradation of our services.
- Notify Nintex promptly and provide all available information regarding the potential vulnerability
- Provide Nintex a reasonable period of time in which to review and, if necessary, mitigate the vulnerability prior to making any public disclosure regarding the vulnerability.
Please email Nintex Security to obtain a PGP key for encryption of any report you wish to send.
Try the Nintex platform for free and see how quickly you can save time and money. Start creating workflows today.