Salesforce Compare does not store, access or manipulate any Salesforce records. Only metadata is accessed.

Event data are stored to Google BigQuery for easy analysis and aggregation. Event data is only exported if enabled on the connection. By default it is not. All data can be deleted at any time.

Metadata search stores basic information about metadata for connection in Google Cloud SQL. This is done for faster searches across all metadata. The content of the metadata is not stored. A link for navigating to Salesforce is provided for the metadata where the content can view viewed. Data can be deleted (or refreshed) at any time.

All access and refresh tokens for connections are encrypted in Google Cloud SQL. Refresh token is stored to be able to refresh access token for the connection on the fly. Encryption is done with AES256 asymmetric encryption and the key for encryption / decryption is stored in Google Kubernetes Secrets, AWS S3, Google Cloud Storage and Azure Blob connection access strings are also encrypted using the same method.

For implementation and architecture see Implementation and Architecture