Enterprise Security

Your data is
safe with us

Security isn't an afterthought—it's built into everything we do. We protect your data with the same standards used by financial institutions.

API Documentation Contact Security Team

99.99%

Uptime SLA

Data breaches

<72hr

Incident notification

24/7

Security monitoring

Security Features

Multiple layers of protection for your data

Encryption at Rest

All data is encrypted using AES-256 encryption. Your emails, contacts, and templates are protected at the database level.

Encryption in Transit

All communications use TLS 1.3 encryption. We enforce HTTPS everywhere and support DKIM, SPF, and DMARC.

Two-Factor Authentication

Protect your account with TOTP-based 2FA. Enterprise plans support SSO with SAML 2.0 and OIDC.

Role-Based Access Control

Fine-grained permissions let you control exactly who can access what. Define custom roles for your team.

Data Isolation

Multi-tenant architecture with complete data isolation. Your data is never mixed with other customers.

Automated Backups

Continuous backups with point-in-time recovery. Data is replicated across multiple geographic regions.

Compliance & Certifications

Industry standards and regulatory compliance

Certified

SOC 2 Type II

Independently audited security controls covering data protection, availability, and confidentiality.

Compliant

GDPR

Full compliance with EU data protection regulations. Standard contractual clauses available.

Ready

HIPAA

Healthcare-grade security for medical communications. BAA available for Enterprise customers.

Compliant

CCPA

California Consumer Privacy Act compliance for US user data protection.

Compliant

CAN-SPAM

Built-in compliance with US anti-spam legislation including unsubscribe handling.

In Progress

ISO 27001

Information security management system certification in progress.

View our Data Processing Agreement

Infrastructure Security

Enterprise-grade infrastructure protection

Network Security

DDoS protection and mitigation
Web Application Firewall (WAF)
Private network isolation
Geographic traffic filtering

Application Security

Secure software development lifecycle
Regular dependency updates
Input validation and sanitization
SQL injection prevention

Monitoring & Response

24/7 security monitoring
Automated threat detection
Incident response procedures
Regular security testing

Physical Security

SOC 2 certified data centers
Biometric access controls
24/7 on-site security
Environmental controls

Our Security Practices

How we maintain the highest security standards

Continuous Monitoring

Real-time monitoring of all systems with automated alerting for suspicious activity.

Bug Bounty Program

We partner with security researchers to identify and fix vulnerabilities responsibly.

Security Training

All employees undergo security training and background checks before joining.

Regular Audits

Annual third-party security audits and quarterly penetration testing.

Bug Bounty Program

Found a vulnerability?

We appreciate responsible disclosure. If you discover a security vulnerability, please report it through our bug bounty program. We reward valid submissions.

Response within 24 hours

Bounties up to $10,000

Safe harbor protection

Report a Vulnerability

Scope Includes

Authentication and session management
Authorization and access control
Injection vulnerabilities
Cross-site scripting (XSS)
Cross-site request forgery (CSRF)
Server-side request forgery (SSRF)
API security issues
Data exposure vulnerabilities

Please review our full vulnerability disclosure policy before submitting.

Security FAQ

Common questions about our security practices

Questions about security?

Our security team is here to help. Get in touch for security documentation, compliance questions, or to request our SOC 2 report.

Contact Security Team View API Docs

Your data issafe with us

Security Features

Encryption at Rest

Encryption in Transit

Two-Factor Authentication

Role-Based Access Control

Data Isolation

Automated Backups

Compliance & Certifications

SOC 2 Type II

GDPR

HIPAA

CCPA

CAN-SPAM

ISO 27001

Infrastructure Security

Network Security

Application Security

Monitoring & Response

Physical Security

Our Security Practices

Continuous Monitoring

Bug Bounty Program

Security Training

Regular Audits

Found a vulnerability?

Scope Includes

Security FAQ

Questions about security?

Your data issafe with us

Security Features

Encryption at Rest

Encryption in Transit

Two-Factor Authentication

Role-Based Access Control

Data Isolation

Automated Backups

Compliance & Certifications

SOC 2 Type II

GDPR

HIPAA

CCPA

CAN-SPAM

ISO 27001

Infrastructure Security

Network Security

Application Security

Monitoring & Response

Physical Security

Our Security Practices

Continuous Monitoring

Bug Bounty Program

Security Training

Regular Audits

Found a vulnerability?

Scope Includes

Security FAQ

Questions about security?

Your data is
safe with us

Your data is
safe with us