Customer trust and data security are critical to everything we do at Toooday. To understand how we collect and handle your data please refer to our Terms of Use and Privacy Policy.

Product security


We enable permission levels across the service which you can set to across decisions to limit collaborator access.

Password and Credential Storage

Toooday enforces a password complexity standard and credentials are stored using a PBKDF function.


We have uptime of 99.9% or higher.

Network security

Data Hosting and Storage

Toooday services and data are hosted in Amazon Web Services (AWS) facilities (us-east-1) in the USA.

Failover and Disaster Recovery

All of our infrastructure and data are spread across multiple AWS availability zones and will continue to work should any one of those data centers fail.

Virtual Private Cloud

All of our servers are within a virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests getting to our internal network.


On an application level, we produce audit logs for all activity.

Permissions and Authentication

Access to customer data is limited to authorized employees who require it for their job. Toooday is served 100% over https.


Our API and application endpoints are TLS/SSL only. We also encrypt data at rest using an industry-standard AES-256 encryption algorithm.

Security questions?

If you think you may have found a security vulnerability, please get in touch with our security team at