Last updated, December 17 2020.

Archbee Security Overview

We take security very seriously here at Archbee. We know our customers trust us with their team’s important data, and we use industry best practices to keep it secure.

Backups & Data Recovery

Everything stored on Archbee is backed up daily. We have tested our recovery procedures, and in the event of a data-loss we are able to restore from backup within an hour. We also allow you to export your content in markdown format at any time, for additional peace of mind.

Encryption In Transit and At Rest

When using Archbee, all of your data is sent via HTTPS/SSL. That means your data (e.g. passwords and document content) are encrypted so it can’t be intercepted by hackers. Both our primary database and all backups are encrypted. All communication across data centers is over SSL. All communication in the same datacenter is made in a private network (AWS VPC).


We strive to make Archbee a highly-available service that our customers can rely on. Archbee runs on infrastructure that has fault-tolerance and redundancy built in. If incidents do arise, we keep our customers informed and work hard to resolve them as quickly as possible. Our current and past availability information is available at

Hosting & Service Providers

We consider security as primary criteria when choosing service providers to work with. Our providers are all SOC 2 certified.


Our credit card processor, Stripe, has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available. We never see your credit card information.


For accounts set up with email, we verify that email address belongs to you and store your password using the industry recommended hash function (bcrypt).

Access to Customer Data and Audit Policies

We have strict policies in place regarding Archbee employee access to data you store on Archbee. From time to time, certain employees may need to access customer data in order to diagnose and resolve issues. Whenever practical, we notify the customer and obtain written consent before doing so. We have granular audit logs in place to ensure that any access to customer data is logged.

Continuous Improvement

All new product features and internal processes are peer-reviewed and evaluated for their security impact before they are released to production. All new major product releases are met with serious rounds of security checks. We use freelancers and partner firms to verify our system is secure to the highest standards. We also strive to continuously monitor and improve our security practices in response to industry changes and customer feedback.

Have Concerns?  Want to learn more?‍

Send us a note at
We’re happy to help in any way we can.