About us > Trust

You can trust us with your data

We've worked hard to ensure our infrastructure and the team behind it is world class.

  • We are Cyber Essentials Plus Certified
  • We use secure data centres within the EU or in the US depending on your region. All hold a broad set of industry standard accreditations such as ISO27001, ISO9001 and list X.
  • Our data centres are connected to the internet with redundant internet links and bandwidth can be easily upgraded on requirement.
  • There is redundancy at every component and service level, as well as spare capacity and we can scale our servers on demand. This means dotmailer can continue to run for prolonged periods even after experiencing major component failures, and we don't run out of space.
  • All new dotmailer employees are DBS checked
  • Our infrastructure is protected by firewall clusters and all management access requires two-factor authentication.
  • We make use of leading cloud providers and content distribution networks to host our email images.
  • Virus scan technology is implemented throughout our infrastructure.
  • Annual independent third party security assessments.
  • An ongoing vulnerability scanning and management program.
  • Machines are built from approved hardened images, and verified in third party security assessments.
  • A monthly patching cycle is in place to insure the latest security updates have been applied
  • We have restore points for critical data and these are taken every 5 minutes.  Backup data is securely kept at same geographic regions, yet sufficiently distant to ensure data is not lost in the event of a disaster, whilst complying with local data protection regulation.
  • We employ skilled information security and data privacy specialists in our team to ensure security is always a priority.
  • EU Model Contracts are in place between dotmailer and its subsidiaries, as well as subcontractors processing data.
  • Role based permissions are used to control staff access to systems and data.
  • Management access to infrastructure is tightly controlled, and employs multi-factor authentication protection.