AppExchange
5 Star Rating

Compliance

At GridMate, security, privacy, and trust are non-negotiable. Here’s how we keep your data safe and ensure you stay in control at all times.

App Security

GridPal LLC does not have access to your Salesforce instance by default. Customers and prospects may optionally grant temporary login access for support purposes, in accordance with Salesforce’s recommended process.

GridMate is a set of Lightning Components — all 100% native to the Salesforce platform. Our package is a Salesforce-certified managed package, listed on the AppExchange, and installed directly into your Salesforce org. No third-party services are required to run the software.

All GridMate components are built to comply with Salesforce’s native security model, including:

FLS (Field Level Security)

edit/read enforcement

CRUD (Object-Level Permissions)

create, read, update, delete

Sharing

role hierarchies, sharing rules, and Apex-managed sharing

As part of being listed on the Salesforce AppExchange, GridMate undergoes an annual security review, along with reviews for each patch release.

Security and trust are core to our values. If you discover or suspect a security issue, please contact us at support@gridmate.io.

Data Privacy

Privacy is one of our core values. The GridMate package does not collect or store any usage data from customer Salesforce instances.

GridMate includes an export feature that allows end users to download data locally. This feature can be disabled by a Salesforce Administrator at any time, based on user or profile-level permissions, depending on your internal policies.

As part of our sales and customer support process, we collect and store:

Publicly available data

Information provided directly by prospects or customers through communication

Licensing data made available via Salesforce AppExchange’s license management system

Sales data is securely stored in our Salesforce org, and used strictly for sales, support, and renewal purposes.

We do not collect, store, or share any customer or prospect data during support interactions.

As a Salesforce ISV, we remain fully aligned with Salesforce’s Security & Trust principles.

FedRAMP Assessment Logo

FedRAMP Assessment

GridMate has been reviewed by Fortreum LLC, a certified 3PAO (Third-Party Assessment Organization), for use in Salesforce Government Cloud environments.

As part of this assessment:

GridMate was evaluated against the full set of FedRAMP Moderate baseline controls, as defined by NIST 800-53 Rev. 5

The attestation confirms that GridMate:

  • Operates entirely within Salesforce Government Cloud infrastructure
  • Inherits relevant FedRAMP controls from Salesforce
  • Requires no separate infrastructure or third-party systems
  • Does not require standalone FedRAMP authorization

For more details, view our FedRAMP Attestation Letter here.

Questions?

If you have any questions about security, compliance, or data privacy, please reach out to our team at support@gridmate.io.