Your data is in safe hands with ContactMonkey

Global brands trust us to secure billions of digital identities. We’re committed to protecting your data and maintaining effective security practices.

Trusted by 10k communicators worldwide

How we ensure the safety and integrity of your information

aws logo

All Data is Encrypted and Stored on AWS

ContactMonkey utilizes Amazon Web Services (AWS) for cloud infrastructure hosting and services. AWS is fully compliant with multiple SOC and ISO regulations. All data is encrypted at rest using AES-256 and in transit using TLS v1.2. We support EU, US, Australian, and Canadian hosting.

We Comply With GDPR Policies

Not only does ContactMonkey comply with General Data Protection Regulation (GDPR) principles, but our GDPR Erasure Policy ensures subjects have the right to request that their personal data be erased in certain circumstances. Our Data Processing Addendum is available for all our customers.

Strengthened Security With Single Sign-On (SSO) Authorization

ContactMonkey supports Single Sign-On (available on our Enterprise plans) using authorization via OAuth 2.0 for Google Apps and Microsoft. This enables users to securely login using their existing company’s user/login credentials.

soc 2 logo verified by vanta

SOC 2 Type 2

ContactMonkey has successfully completed the AICPA Service Organization Control (SOC) 2 Type II audit. The audit confirms that ContactMonkey’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security. An unqualified opinion on a SOC 2 Type II audit report demonstrates to our customers that we manage their data with the highest standard of security and compliance.

Here’s what else we’re doing to secure your data:

Secure Personnel

  • Thorough screening: all employees and contractors undergo rigorous background checks per local laws and industry standards.
  • Confidentiality: signed agreements uphold the protection of sensitive information.
  • Ongoing training: regular employee security training ensures a culture of vigilance and preparedness.

secure personnel
secure development

Secure Development

  • Lifecycles: all development projects adhere to secure development principles.
  • Security integration: new projects undergo security review to incorporate essential security requirements.
  • Continuous learning: team members receive annual security development training.

Rigorous Testing

  • Thorough assessment: we conduct scanning, penetration testing, and software security testing pre and post-deployment.
  • OWASP standards: our software development aligns with OWASP top 10 recommendations for web app security.

secure testing
ckoud security

Cloud Security

  • Cloud leverage: we utilize cloud services’ native security features.
  • Isolated environments: each customer’s data is stored within dedicated zones to prevent any unauthorized access.
  • Continuous monitoring: our platform is under constant scrutiny by trained experts to ensure safety.

Compliance Commitment

  • Certification assurance: our certifications reflect our commitment to maintaining effective security practices.

soc 2 type 2

SOC 2 Type II Certification

  • Industry recognition: our successful completion of the SOC 2 Type II audit showcases our dedication to managing data with the highest security and compliance standards.

ContactMonkey Security FAQs

If you would like to delete your personal data, submit a request at with clear instructions about what you would like deleted. We will respond to your request within 30 days after a request is received.

Learn More

ContactMonkey’s dashboard provides numerous amounts of different analytics which your team can use to make data-driven decisions. These include open rates, link clicks, read time, locations, and more.

Learn More 

Yes, your data is secure. When you use ContactMonkey for internal communications, the data stored is used solely for the purpose of providing you with analytics. Upon sending, we store the sender’s email address, recipient’s email address, subject line & email body (optional). Once a recipient has opened your email, we store their IP address and the user agent string of device used to open your email. All data is encrypted at rest using AES 256, and in transit using TLS 1.2.

Learn More 

Users can create responsive HTML templates & emails using the ContactMonkey editor in our SaaS platform. They can then export the template as HTML to be used intheir campaign while sending it. The templates are saved as JSON and as HTML in our database so that the user can view and modify them whenever they wish. Users can delete the templates as well, which completely erases it from our database. Emails created & sent using rich text are not stored on ContactMonkey servers.

Learn More 

“We’re proud to partner with leading brands to improve employee communication. ContactMonkey’s platform was designed with consideration of the safety and security of our customers’ data. This security page is intended as an overview of our security practices and procedures. For more information about how we use and treat our customer’s personal data, check out our Privacy Policy or contact us directly where we can answer your questions.”

Scott Pielsticker

Founder & CEO

Boost employee engagement from your inbox