Stood Flows

Security & Privacy

Stood Flows is built around a simple principle: the safest data is data that never moves. As a desktop application, it connects directly from your machine to your own Salesforce ORGs — no cloud backend, no intermediary, no data in transit to us. Every architectural decision flows from that: read-only access, local storage, signed binaries, zero telemetry.

Stood Flows reads only what it needs to build the picture — configuration, metadata, licences, and usage counts. No business records, no personal data, no content of any kind. Your org data stays yours, entirely.

No business data. No personal data. Ever.

Stood Flows reads only the structural layer of your Salesforce org — object schemas, configuration, automation rules, page layouts, licence assignments, and aggregated usage counts. It never fetches business records, transaction data, or any personally identifiable information. What gets analysed is how your org is built, not what is in it.

Your data never leaves your machine

Stood Flows runs entirely on the architect's desktop. No customer org data is transmitted to Stood, stored on our servers, or routed through any third-party service. The only connection is between your machine and your own Salesforce org.

Read-only by design — at every level

Stood Flows cannot write to your Salesforce org. Read-only access is enforced at three independent layers: the application interface exposes no write surface, the integration layer has no write operations wired up, and all inputs are validated against a strict allowlist before reaching Salesforce. There is no code path through which a write could occur.

Your Salesforce permissions stay in control

The application operates within the permissions of your authenticated Salesforce user. Your existing org controls — object and field-level security, IP restrictions, MFA, session timeouts — all apply unchanged. For production orgs, we recommend a dedicated, scoped permission set to keep the connection auditable and minimal.

No credentials stored by the application

Stood Flows never stores your Salesforce credentials. Authentication is handled entirely by the Salesforce CLI using your operating system's secure keychain. We don't see your tokens, and neither does anyone else.

Digitally signed installer

The Stood Flows installer is digitally signed on both platforms — Apple Developer ID on macOS, Microsoft-trusted certificate on Windows. Your operating system verifies the signature automatically at install time.

No telemetry. No background sync. No surprises.

We collect no usage analytics, send no telemetry beacons, and run no background sync. What you analyse stays on your machine.