All personal data is encrypted in transit and at rest, and, to the extent relevant from a security standpoint, treated as if it were classified as sensitive data. GCP stores encrypted data by default. We have also taken further measures by implementing record-level encryption of sensitive and customer data.

Information is always transmitted over TLS with up-to-date encryption methodologies by default.