Juicebox Security Basics

API Key Security

# .env (never commit)
JUICEBOX_API_KEY=jb_live_...
# .gitignore: .env

Data Privacy

• Juicebox sources from public professional profiles
• Contact data requires explicit enrichment request
• Comply with GDPR/CCPA for candidate data storage
• Implement data retention policies

Security Checklist

• API keys in environment variables
• Separate keys per environment
• Candidate data encrypted at rest
• GDPR consent for EU candidates
• Data retention policy documented

Resources

• Juicebox Privacy
• Data Sources

Next Steps

See juicebox-prod-checklist.