About us > Trust

Scalable, protected and accredited

The dotmailer platform is built to protect your company and its data, when managing your communications.

  • Pages pass data over TLS.
  • dotmailer supports encrypted data transfers.
  • Access to the dotmailer platform is through a web form login with optional two-factor authentication.
  • All users of the dotmailer platform are required to change their passwords every 90 days.
  • Passwords are hashed using a NIST approved cryptographic implementation.
  • Our web login page and API enforces rate limiting to protect against brute force attacks.
  • Account access rights (import, export, read, write and send) are configurable to your needs and managed by your administrator user.
  • All your users are set up in the platform by your administrator user. Verification is by email and SMS.
  • All data is virus scanned when uploaded to the platform.
  • Our Watchdog service constantly monitors customer contact uploads. If these change from a usual pattern it automatically stops uploading. This process also protects our customers from sending to spam traps that can affect delivery.
  • Emails are sent using opportunistic TLS, employing authentication and validation systems such as DKIM and DMARC.
  • Payment processes are fully PCI-DSS compliant.
  • Granular access control permissions can be assigned to managed users.
  • Campaign links are checked against lists of high risk domains to prevent malicious use of the platform.