FramerSend is built from the ground up to protect your sensitive CRM credentials and ensure compliance with global data privacy standards.
When you save a CRM API key in FramerSend, it is immediately encrypted using industry-standard AES-256 encryption before being stored in our database. Your raw API keys are never exposed in plaintext.
We act strictly as a secure router. When a visitor submits a form on your Framer site, the payload (names, emails, messages) is held in memory just long enough to deliver it to your CRM. We do not store personal identifiable information (PII) in our database.
All API requests to third-party CRMs are executed from our secure backend environment on Vercel's Edge Network. Your frontend Framer code only contains a public Form ID, eliminating the risk of client-side key scraping.
Our database utilizes PostgreSQL Row Level Security (RLS) policies. Even if the application logic were compromised, the database engine enforces that users can only access their own encrypted credentials.