Data Privacy and Compliance
See how PoliteMail measures recipients while protecting privacy.
Privacy by design and default
When developing our software products and services, we consider both our customer and their data subjects (typically employees).
By default, PoliteMail provides statistical email analysis at the anonymous level, which means, while you know who the email was sent to (e.g., the employees on the distribution list), and you will have accurate statistics regarding the number of people and devices interacted with your message, you will not know specifically who.
PoliteMail provides dedicated cloud services and databases, so your data is never at risk of being intermingled with other customers. While virtual machines may run on the same physical hardware as that of other customers, we use logical isolation and storage segregation to maintain clear separation. All data in transit is encrypted using the HTTPS TLS1.2 protocols and at rest with AES256 encryption.
We build privacy into our software and services when developing our products. We follow a security development lifecycle to address privacy and security concerns up front. We ensure we code against the SANS/CWE Top 25 most dangerous software errors, conduct static and dynamic vulnerability scanning on every build, and conduct at least annual third-party application penetration testing.