Your data is in safe hands with ContactMonkey
We’re committed to protecting your data and maintaining top-of-the-line security practices. Email us at security@contactmonkey.com for any questions.
Contact usHow we ensure the safety and integrity of your information
GDPR compliant
ContactMonkey complies with GDPR and allows data erasure requests under our GDPR Erasure Policy. Our Data Processing Addendum is available to all customers.
SOC 2 Type 2 certified
Our completion of the AICPA SOC 2 Type 2 audit affirms that our security practices, policies, and operations meet the highest industry standards.
Secure single sign-on
Available on our Enterprise plans, ContactMonkey integrates with SAML 2.0 providers (by request) for single sign-on.
Here’s what else we’re doing to secure your data
AWS cloud security
- Cloud leverage: ContactMonkey uses Amazon Web Services (AWS) for cloud infrastructure hosting and services, which is compliant with various SOC and ISO regulations.
- Data encryption: All data is encrypted at rest using AES-256 and in transit using TLS v1.2. We support hosting in the EU, US, AU, and CA.
- Isolated environments: Each customer’s data is stored within dedicated zones to prevent any unauthorized access.
Secure Personnel
- Thorough screening: All employees and contractors undergo rigorous background checks per local laws and industry standards.
- Confidentiality: signed agreements uphold the protection of sensitive information.
- Ongoing training: Regular employee security training ensures a culture of vigilance and preparedness.
Secure Development
- Lifecycles: all development projects adhere to secure development principles.
- Security integration: new projects undergo security review to incorporate essential security requirements.
- Continuous learning: Team members receive annual security development training.
Rigorous Testing
- Thorough assessment: We conduct scanning, penetration testing, and software security testing pre and post-deployment.
- OWASP standards: Our software development aligns with OWASP top 10 recommendations for web app security.
- Continuous monitoring: Our platform is under constant scrutiny by trained experts to ensure safety.
Cloud Security
- Cloud leverage: we utilize cloud services’ native security features.
- Isolated environments: each customer’s data is stored within dedicated zones to prevent any unauthorized access.
- Continuous monitoring: our platform is under constant scrutiny by trained experts to ensure safety.
Compliance Commitment
- Certification assurance: our certifications reflect our commitment to maintaining effective security practices.
SOC 2 Type II Certification
- Industry recognition: our successful completion of the SOC 2 Type II audit showcases our dedication to managing data with the highest security and compliance standards.
Got questions? Shoot us an email
“We’re proud to partner with leading brands to improve employee communication. ContactMonkey’s platform was designed with consideration of the safety and security of our customers’ data. We take it very seriously!”
Scott Pielsticker
Founder & CEO, ContactMonkey
Security FAQs
Taking control of your ContactMonkey data is easy. Simply send us a message at support@contactmonkey.com with clear instructions on what you want deleted. We’ll swiftly process your request and get back to you within 30 days.
Learn moreYour team can make data-driven decisions with confidence by using ContactMonkey’s dashboard, which provides powerful analytics from open rates and link clicks to read times, locations, and more.
Learn moreYou bet. Your data’s under lock and key! With ContactMonkey, your info is strictly for analytics in internal comms. We store sender/recipient email addresses, subject lines, and optional email bodies upon sendiing. Once opened, we track recipient IPs and device user agents. Plus, we’ve got AES 256 encryption at rest and TLS 1.2 in transit for added security.
Learn moreWith ContactMonkey’s email builder, users can create responsive HTML templates and emails right from our SaaS platform. Once created, they’re saved as JSON and HTML in our database, giving users easy access to view and modify them whenever they want. You’ve got the power to delete them entirely, wiping them from our database. Plus, emails made and sent via rich text? They don’t linger on our servers, providing extra peace of mind.
Learn more