New Research: How 200 Founders Use OKRs to hit $1M ARR
Read the Report
OKRs Branding
FeaturesAboutWhy OKRs ToolPricingBlogContact
FeaturesAboutWhy OKRs ToolPricingBlogContactLoginSign Up

Security at OKRs Tool

‍Enterprise-grade protection, built for modern teams.

We take your data seriously — and that starts with secure infrastructure, privacy-first design, and transparent practices. Whether you’re a growing startup or scaling company, you can trust that OKRs Tool is built on strong security foundations.

Platform Security (Built on Bubble.io)

Our app is built on Bubble.io, a secure, enterprise-ready no-code platform trusted by thousands of startups and scaleups.

Bubble provides:

  • SOC 2 Type II compliance — Independently audited to meet high standards of security and availability

  • End-to-end encryption — All data is encrypted in transit (TLS 1.2+) and at rest

  • GDPR-ready — We follow data protection standards and offer a Data Processing Agreement (DPA)

  • Cloudflare DDoS protection & WAF — Your data is protected from malicious traffic

  • Single Sign-On (SSO) and Two-Factor Authentication (2FA) — For secure access

  • Annual penetration testing and continuous infrastructure monitoring

You can learn more in Bubble’s official security overview →

Our Responsibilities as App Owner

Security doesn’t stop at infrastructure — we go further to protect how your data is used and accessed:

  • Strict access controls — We use role-based permissions so only authorized users can access your workspace

  • Privacy rules — We implement Bubble’s fine-grained privacy controls to govern who can view or modify OKRs

  • Incident response — We monitor for suspicious activity and will notify users within 72 hours of any confirmed breach

  • Data deletion — You can request account or data deletion at any time, in accordance with GDPR and local regulations

  • Sub-processor transparency — See our sub-processor list and DPA for full details

Data Hosting & Availability

  • Hosting Provider: Amazon Web Services (AWS)

  • Server Regions: US & EU (configurable)

  • Backups: Daily automated backups with secure recovery

  • Uptime Monitoring: 99.9% uptime via Datadog and New Relic

Compliance Commitments

  • GDPR: Fully aligned with GDPR principles, including consent, access, and deletion rights

  • Data Processing Agreement (DPA): Available for customers upon request

  • Sub-processors: We maintain a small, trusted list of sub-processors under active DPAs

Security Questions?

We’re happy to help. If you're a security officer or have compliance questions, contact us directly:

info@okrstool.com

‍+372 5661 4404

Home page - OKRs Tool
LinkedIn
PRODUCT
Features
Pricing
What's new?
COMPANY
About
Why OKRs Tool
Contact
RESOURCES
Blog
FAQ
Newsletter
COMPARE
Tability
Weekdone
Perdoo
LEGAL
Terms
Privacy policy
Refund policy
Security
Sub-processors
LinkedIn
Trusted by Startups worldwide
© 2025 OKRs Tool