Security | Bulk Banner for Figma

Last Updated: July 9, 2024

Data Handling and Security

At Bulk Banner, we take the security and privacy of your data seriously. This page outlines how our Figma plugin, Bulk Banner, handles data and the security measures we have in place.

Data Processing

Our plugin does interact with and process data from your Figma documents. Here's an overview of how data is handled:

1. The Figma plugin (client-side) reads frame data from your Figma document, including:
   • Frame names
   • Frame dimensions
   • Image data exported as PNGs
2. This data is sent to our backend server via secure HTTPS POST requests.
3. Our backend server processes this data to generate GIFs or HTML animations based on your Figma frames.
4. The processed data is then sent back to the plugin as a zip file for you to download.

Security Measures

We have implemented several security measures to protect your data:

• CORS (Cross-Origin Resource Sharing): We use CORS middleware to control which origins can access our API, preventing unauthorized access from other domains.
• Rate Limiting: We've implemented rate limiting on our API endpoints to prevent abuse and ensure fair usage.
• Input Validation and Sanitization: All input data is validated and sanitized before processing to prevent injection attacks and ensure data integrity.
• Temporary Processing: We use temporary directories for processing your data, which are automatically cleaned up after each request.
• HTTPS: All data transmission between the plugin and our servers is encrypted using HTTPS.
• Data Minimization: We only collect and process the data necessary for the functionality of the plugin.

Data Retention

We do not store your Figma data or the generated animations on our servers beyond the processing time. Once the zip file is generated and sent back to the plugin, all temporary files are deleted from our servers.

Third-Party Services

Our plugin does not share your data with any third-party services. All processing is done on our own secure servers.

User Control

You have full control over when the plugin accesses your Figma data. The plugin only processes the frames you explicitly select and only when you initiate the generation process.

Compliance

Our data handling practices are designed to comply with relevant data protection regulations, including GDPR where applicable.

Updates to Security Practices

We continuously review and update our security practices. Any significant changes to how we handle data will be reflected in updates to this security page.

Contact Us

If you have any questions or concerns about our security practices or how we handle your data, please contact us at support@bulkbanner.com.