Your data is in safe hands with ContactMonkey
Global brands trust us to secure billions of digital identities. We’re committed to protecting your data and maintaining effective security practices.
How we ensure the safety and integrity of your information
All Data is Encrypted and Stored on AWS
ContactMonkey utilizes Amazon Web Services (AWS) for cloud infrastructure hosting and services. AWS is fully compliant with multiple SOC and ISO regulations. All data is encrypted at rest using AES-256 and in transit using TLS v1.2. We support EU, US, Australian, and Canadian hosting.
We Comply With GDPR Policies
Not only does ContactMonkey comply with General Data Protection Regulation (GDPR) principles, but our GDPR Erasure Policy ensures subjects have the right to request that their personal data be erased in certain circumstances. Our Data Processing Addendum is available for all our customers.
Strengthened Security With Single Sign-On (SSO) Authorization
ContactMonkey supports Single Sign-On (available on our Enterprise plans) using authorization via OAuth 2.0 for Google Apps and Microsoft. This enables users to securely login using their existing company’s user/login credentials.
SOC 2 Type 2
ContactMonkey has successfully completed the AICPA Service Organization Control (SOC) 2 Type II audit. The audit confirms that ContactMonkey’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security. An unqualified opinion on a SOC 2 Type II audit report demonstrates to our customers that we manage their data with the highest standard of security and compliance.
Here’s what else we’re doing to secure your data:
Secure Personnel
- Thorough screening: all employees and contractors undergo rigorous background checks per local laws and industry standards.
- Confidentiality: signed agreements uphold the protection of sensitive information.
- Ongoing training: regular employee security training ensures a culture of vigilance and preparedness.
Secure Development
- Lifecycles: all development projects adhere to secure development principles.
- Security integration: new projects undergo security review to incorporate essential security requirements.
- Continuous learning: team members receive annual security development training.
Cloud Security
- Cloud leverage: we utilize cloud services’ native security features.
- Isolated environments: each customer’s data is stored within dedicated zones to prevent any unauthorized access.
- Continuous monitoring: our platform is under constant scrutiny by trained experts to ensure safety.
SOC 2 Type II Certification
- Industry recognition: our successful completion of the SOC 2 Type II audit showcases our dedication to managing data with the highest security and compliance standards.
ContactMonkey Security FAQs
If you would like to delete your personal data, submit a request at support@contactmonkey.com with clear instructions about what you would like deleted. We will respond to your request within 30 days after a request is received.
ContactMonkey’s dashboard provides numerous amounts of different analytics which your team can use to make data-driven decisions. These include open rates, link clicks, read time, locations, and more.
Yes, your data is secure. When you use ContactMonkey for internal communications, the data stored is used solely for the purpose of providing you with analytics. Upon sending, we store the sender’s email address, recipient’s email address, subject line & email body (optional). Once a recipient has opened your email, we store their IP address and the user agent string of device used to open your email. All data is encrypted at rest using AES 256, and in transit using TLS 1.2.
Users can create responsive HTML templates & emails using the ContactMonkey editor in our SaaS platform. They can then export the template as HTML to be used intheir campaign while sending it. The templates are saved as JSON and as HTML in our database so that the user can view and modify them whenever they wish. Users can delete the templates as well, which completely erases it from our database. Emails created & sent using rich text are not stored on ContactMonkey servers.
“We’re proud to partner with leading brands to improve employee communication. ContactMonkey’s platform was designed with consideration of the safety and security of our customers’ data. This security page is intended as an overview of our security practices and procedures. For more information about how we use and treat our customer’s personal data, check out our Privacy Policy or contact us directly where we can answer your questions.”
Scott Pielsticker
Founder & CEO