SendBound Trust & Security
At SendBound, the security and privacy of customer data is our #1 priority!
Transparency is ESSENTIAL
SendBound’s first priority is to make your experience safe and secure and to ensure you have the information you need to feel comfortable with your email marketing. That’s why we created the Trust Center: to give you access to the latest SendBound security, compliance, legal, privacy, and system performance information, when and where you need it.
SendBound Trust & Security Protocols
PRIVACY
At SendBound we believe that you own your data, and we’re committed to keeping it private. Our privacy policy clearly describes how we handle and protect your information. On an annual basis our independent third-party auditors test our privacy related controls and provide their reports and opinions which we can then provide to you. To report an issue with privacy please submit a ticket on our Contact Us page.
Here are a few ways we protect your data:
Data Deletion/Destruction
Upon request SendBound will work to expunge all customer data and solely owned artifacts from our systems. Artifacts under legal hold or owned by multiple parties will be deleted upon completion of the legal hold process or upon deletion by the other parties at their discretion.
To initiate a data deletion / data destruction event please contact support@sendbound.com
Payment Info
We process all payments through our payment provider, Stripe, and do NOT store cardholder data on our servers. SendBound is PCI compliant for payment processing.
SUB-SERVICE PROVIDERS
At least once a year, SendBound performs a review of our sub-service providers. In the event these reviews have material findings which we determine present risks to SendBound or our customers, we’ll work with the service provider to understand any potential impact to customer data and track their remediation efforts until the issue is resolved.
SECURITY INCIDENTS & REPORTING
Reporting an issue with privacy
At SendBound we believe that you own your data, and we’re committed to keeping it private. Our privacy policy clearly describes how we handle and protect your information. On an annual basis our independent third-party auditors test our privacy related controls and provide their reports and opinions which we can then provide to you.
If you need to submit a request with respect to privacy related concern please submit it to privacy@sendbound.com
Reporting a potential security incident
If you need to submit a potential security incident to SendBound please provide a summary report to the SendBound Security Team as an attachment to abuse@sendbound.com. The security team will evaluate the report and arrange to discuss specifics.
Reporting SPA
If you think that you’ve received a fraudulent email pretending to come from SendBound, send the email as an attachment to abuse@sendbound.com and delete it.
APPLICATION SECURITY
Beyond traditional encryption
SendBound protects data in transit between our apps and our servers, and at rest. Emails are stored behind a firewall and authenticated against the sender’s session every time a request for that email is made. We enforce the use of industry best practice for the transmission of data to our platform (Transport Layer Security TLS) and data is stored in a SOC 1 Type II, SOC 2 Type I, and ISO 27001 certified data centers. Your emails are stored and encrypted at rest using AES 256-bit encryption.
Rigorous security testing
We regularly test our infrastructure and apps to identify and patch vulnerabilities. We also work with third-party specialists, industry security teams, and the security research community to keep our users and their files safe. Potential security bugs and vulnerabilities can be reported to us on the third-party service HackerOne.
DEDICATED & EXPERIENCED
At SendBound we have a dedicated Security Team with a Head of Information Security who is directly responsible for the security of SendBound products and services.
Additionally we have a formal information security program in place that leads an information and Risk Management Committee. This committee periodically meets to review security-related initiatives at the product, infrastructure, and company level.
To ensure all employees are able to champion the security of customer data we work to ensure security is embedded in our company culture from day one. Employees undergo comprehensive background checks, sign and follow a code of conduct and acceptable use policies, as well as undergo periodic security awareness training.
To ensure teams are prepared for the unexpected, SendBound performs red team testing against our employee base to ensure they are prepared to act appropriately when faced with a potential security event. In general we want to ensure we can detect physical, network, and system vulnerabilities by taking an attacker-like approach.
Get Started, It's Free - FOREVER
Our powerful, easy-to-use email marketing tools can help your business take off. Start sending beautiful emails today. No credit card required.