PoliteMail Data Security Standards

Because your data is your data. We protect it.

Paige dressed as a superhero protecting data files on a computer screen
SOC 2 logo
ISO IEC 27001 Certification
CSA logo
Shared Assessments Logo

PoliteMail’s current SOC-2, ISO27001 certification, and standard CSA and SIG assessments are available under NDA.

What are PoliteMail’s technical
and organizational security measures?

PoliteMail assesses risks annually and routinely applies appropriate technical and organizational controls, using software tools, policies and procedures to effectively manage these risks. To learn more, download our Technical and Organizational Measures document.

PoliteMail's Data Storage PDF

What data does PoliteMail
process and store?

PoliteMail primarily processes and stores distribution group membership, employee name and email address data, in order to send the broadcast email. Click below for a complete list of all data processed and stored.

PoliteMail keeps your internal email data safe

Your email content is stored in your Sent Items folder. PoliteMail processes internal broadcasts, but does not store the content of the SMTP email messages, they are simply processed and passed through. All application communications and data is encrypted in transit using HTTPS TLS 1.2. All data at rest is AES-256 encrypted. PoliteMail will maintain an audit trail of all messages sent from and to, and therefore does store employee name and email addresses, which is most often consider personally identifiable information (PII), and receives the same level of protection as any other confidential information we receive and process. We never share your data with any third parties. PoliteMail provides log transport options to move security data to your Splunk or Azure Sentinel environments. 

Mailing envelop with a lock in front of it representing PoliteMail's email security
Microsoft Azure and FedRAMP logos

PoliteMail Software is qualified for the Microsoft Government Cloud
GCC-High in Categories 2 & 3

PoliteMail Software supports U.S. Government entities, covered defense information, controlled unclassified information and other types
of federal, federal agency, NGO or other U.S. Government entity data which require GCC High and FedRamp High cloud security.

Illustration of a woman balancing contacts in one hand with a tablet and computer in the other hand

Dedicated application environments enable customized security controls

As an enterprise provider, unlike other SaaS providers of similar services, we offer dedicated SaaS services not the typical shared, multi-tenant services. We also offer your-cloud and on-prem deployment models, to put data security completely in your control.  Your SaaS services are completely isolated from other customers, provide dedicated IP addresses and host names, and support additional security configurations like ACLs, IP restrictions, certificate-based connectivity, VPNs and more. 

PoliteMail is compatible with your Microsoft infrastructure.

PoliteMail Compatible Microsoft Products

Home = Data Security