WB
WikiBeam

Security

WikiBeam is built with security and privacy at its core. Your data protection is our priority.

EU Data Residency

All data is stored and processed in France, EU. Fully GDPR compliant.

Encrypted Data

Data encrypted at rest and in transit using industry-standard TLS 1.3.

OAuth 2.0

Secure ClickUp authentication. We never store your ClickUp password.

Data Deletion

Delete all your data anytime from your account settings. No questions asked.

Data We Access from ClickUp

WikiBeam uses ClickUp's official OAuth 2.0 API and requests only the minimum permissions needed to sync your documentation:

What We Access:

  • Document content (Docs only)
  • Document titles and hierarchy
  • Workspace ID for authentication

What We Do NOT Access:

  • Tasks, Lists, Folders, or Spaces
  • User audit logs or activity data
  • Team member information
  • Comments, attachments, or files outside Docs
  • Your ClickUp password
  • Billing or subscription information

Your ClickUp workspace security policies, audit logs, and permissions remain fully intact. WikiBeam operates as a read-only integration for your Docs.

Data Storage & Hosting

ComponentLocationProvider
Database (PostgreSQL)Paris, FrancePrivate VPS
Sync ServiceParis, FrancePrivate VPS
Frontend / CDNGlobal Edge NetworkVercel
Payment ProcessingEUPaddle

All document content and user data is stored exclusively in our EU-based infrastructure in France, ensuring GDPR compliance by default.

Infrastructure Security

  • Encryption in Transit: All data transmitted over HTTPS with TLS 1.3
  • Encryption at Rest: Database encrypted using AES-256
  • Access Control: Role-based access, principle of least privilege
  • Regular Backups: Daily automated backups with point-in-time recovery
  • Monitoring: 24/7 uptime monitoring and alerting
  • Updates: Regular security patches and dependency updates

Authentication & Access

  • OAuth 2.0: Secure authentication via ClickUp or Google. We never see or store your passwords.
  • Session Management: Secure, HTTP-only cookies with automatic expiration
  • Password Storage: For email/password accounts, passwords are hashed using bcrypt with salt
  • Token Security: ClickUp OAuth tokens are encrypted and stored securely

Your Data Rights

You have full control over your data:

  • Access: View all data we store about you in your account settings
  • Export: Export your published sites and content at any time
  • Delete: Permanently delete all your data with one click in settings
  • Portability: Your published content is standard HTML, fully portable

For data access requests or concerns, contact us at abdmusttoumi@gmail.com

Compliance

GDPR Compliant

EU data residency, data minimization, right to erasure

DPA Available

Data Processing Agreement for enterprise customers

Security Contact

To report a security vulnerability or for security-related inquiries:

Email: abdmusttoumi@gmail.com

We aim to respond to security reports within 24 hours.