A summary of the data and security concerns using Pardot with FeedOtter
lists, a read-only call to provide the user with a UI for selecting the Pardot list(s) emails should be sent to. The call returns only list names, and numerical id numbers. No contact information is available. For more information read Pardot's API guide: http://developer.pardot.com/kb/api-version-4/lists/
campaigns, a read-only call to provide a UI for selecting the Pardot Campaign used for reporting on email sends. The call returns campaign names and numerical id numbers. No contact information is available. For more information read Pardot's API guide: http://developer.pardot.com/kb/api-version-4/campaigns/
emails.send, a write call that passes list and campaign ids along with HTML content to your Pardot account for the purpose of creating a new email. This call includes a date/time which denotes when the email will be sent by Pardot. No contact information is exchanged other than the TO, FROM, REPLY-TO text provided by your team as part of the email creation process in FeedOtter. For more information refer to Pardot's API documentation: http://developer.pardot.com/kb/api-version-4/
All pertinent user and account data is encrypted using AES256. This includes passwords, email addresses, api tokens, keys, and associated data.
FeedOtter's user/login password scheme uses PBKDF2
There is no use of MD5 or Sha hashing