The plugin is created with the purpose of offering a very high security to your data. The plugin does not save credentials for accessing your CRM. Access to the CRM is only available when the admin is logged into your WordPress site admin page and requires the use of oAuth. The plugin gets the minimum rights necessary to be functional: only read rights and only for getting the calenders and forms from CRM. For displaying the calender and forms the plugin is not connecting to CRM. These security measures are in place to keep your client related data safe, even in the undesired situation that the server where you host the page is hacked. The cloud is located in redundant data centers in Zurich, Switzerland and is protected under the Swiss law, which has high restriction related to the privacy and the data protection – thus bringing you more security for your data.