Boomerang for Android Product Security

Hosted Data

Boomerang takes security and privacy very seriously.  All servers are hosted in data centers that are both SAS-70 Type II and ISO 27001 certified. 

Boomerang servers do not store message bodies in any form. The Boomerang servers store only message headers, used to uniquely identify messages when sending or returning them.

SOC-2

Baydin, Inc (the parent company of Boomerang) completed a SOC-2 Type II audit in 2022.

Passwords

Boomerang does not have access to user passwords.  Boomerang for Gmail relies on Google Oauth 2.0 for authentication while Boomerang for Outlook uses Microsoft's Oauth 2.0.

Verified by Google

Boomerang for Gmail has undergone Google’s OAuth API verification process, which includes a Privacy Policy review and a security assessment.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.