Trust Center
Cert No. 18479-EMS-001
Cert No. 18479-ISN-001
Cert No. IASME-CEP-001683
Empowering our customers to drive value in every digital engagement with integrity, trust and confidence
Transparency is our policy
We understand that you must be able to entrust your chosen marketing automation provider with one of your most valuable assets – data. To gain that trust, we continue to invest in technology and resources to build security and privacy into our platform. We operate a policy of transparency and aim to provide you with the information you need to feel confident in using Engagement Cloud.
We want you to be thrilled with our technology and the services we provide. If we fall short of the incredibly high standards we set ourselves, we’ll do our everything in our power to put things right. We’ll always be here to listen, act swiftly and take accountability. Our Customer Promise is our satisfaction guarantee and our commitment to providing solutions you’re delighted with.
Security
dotdigital has implemented an ISO 27001 certified Information Security Management System (ISMS); designed to identify and manage risks to the Confidentiality, Integrity, and Availability of information. This is maintained by a dedicated Information Security team who can be contacted at security@dotdigital.com. Our management approved Information Security Policy can be found here.
Our ISMS has been externally audited by a UKAS accredited certification body – Alcumus ISOQAR. Our ISO 27001 certificate can be validated here, by searching for certificate number 18479.
We are also Cyber Essentials Plus Certified, and validation of this can be found by searching for “dotdigital” on the National Cyber Security Centre website here.
We’ve also put together a list of Technical and Organisational Security Measures that we employ to keep your data safe.
Information on our platform status and historic availability is publicly available, so you are kept up-to-date with service incidents and planned maintenance:
status.dotdigital.com– Here you will find our current system status, as well as information on scheduled maintenance. Here you will also be able to subscribe to as-they-happen service notifications.
uptime.dotdigital.com – Here you can find historic availability information, broken down by region or service function.
Privacy, Data Protection and Compliance
dotdigital has appointed a Data Protection Officer (DPO) to lead our data protection, privacy, and compliance programs. The team can be contacted at privacy@dotdigital.com.
GDPR-specific data processing agreements and EU Model Contract Clauses are in place between dotdigital and its subsidiaries, as well as service providers processing data. A full list of these providers (and the role they play) can be found below in the Service Partners section. You can find dotdigitals Terms of Service here, and our data processing addendum here.
Further information on Data Protection legislation can be found here.
We’ve also got some handy resources and FAQs on the GDPR, and Brexit which can be found here and here respectively.
Platform Locations & Data Storage
dotdigital uses cloud service providers in order to provide a secure, responsive and scalable services. To safeguard the confidentiality, integrity and availability of data, only industry leading providers with state-of-the-art facilities are used. Contracts including security requirements are in place, including GDPR-specific data processing Agreements and EU Model Contract Clauses.
Microsoft Azure and the Google Cloud Platform are used to host infrastructure that powers dotdigital’s SaaS platforms. Depending on the location of your account, data will be stored in one of the following regions.
- The Engagement Cloud EU region utilises the Microsoft Azure North and West Europe facilities, and Google’s Europe region.
- The Engagement Cloud US region utilises the Microsoft Azure Central US, and East US 2 facilities, and Google’s Americas region.
- The Engagement Cloud Australia region utilises the Microsoft Azure Australia East. and Australia SouthEast facilities, and Google’s Sydney facility.
- Customers using our CPaaS and legacy SMS platforms will have data stored in Microsoft Azure North and West Europe, and Google’s UK facilities.
For more information on the physical locations of these facilities please refer to these Microsoft and Google articles.
NOTE: The Engagement Cloud Live Chat and SMS features are powered by aforementioned infrastructure hosted in the EU. Clients in all regions are able to enable these features, but should be aware that data collected and used by these features will be stored and processed in the EU.
Maintained Support
In order to maintain a stable platform, it may become necessary in certain circumstances to permit system access to Microsoft, Google and their agents.
Environment and Sustainability
Service partners
Local services, global solutions

Microsoft Azure
For the provision of the dotdigital service, including storage of customer data. Azure conforms to many international and industry-specific compliance standards. More information can be found on Azure’s Trust Center.
Microsoft uses 100% renewable energy and has been carbon neutral since 2012. More information can be found on Microsoft’s “Climate” page.

Google Cloud Platform
For the provision of the dotdigital service including storage of customer data. Google conforms to many international and industry-specific compliance standards. More information can be found on Google Cloud Platform’s Security page.
Google uses 100% renewable energy, has been carbon neutral since 2007, and has conformed to ISO 50001 since 2013. More information can be found on Google’s sustainability page.

Cloudflare
For Content Delivery Network (CDN) and web proxy services. More information can be found on Cloudflare’s Privacy & Security page.
Cloudflare uses 100% renewable energy and has been carbon neutral since 2018. More information can be found on Cloudflare’s “The Climate and Cloudflare” blog post.

Amazon Web Services
For provision of supporting network services and client image storage. AWS conforms to many international and industry-specific compliance standards. More information can be found on AWS’s compliance page.
We only use AWS servers running on 100% renewable energy. More information can be found on AWS’s sustainability page.

GGR Communications
Used for network management and inter-data center connectivity.

Interxion
Data Center Space for our email delivery services.
Interxion uses 100% renewable energy.

GTT
Internet connectivity for our email delivery services.

Zayo
Internet connectivity for our email delivery services.

MagneticOne
Suppliers of integration platforms for clients wanting to link their dotdigital account to supported third party e-commerce systems.

Phoenix47 Ltd
Out of hours weekend telephone and email first line support.

Elasticsearch
Used in the processing and storing of system logs.

Raygun
Used in the processing and storing of system logs.

Partner Hero

Microsoft Azure
For the provision of the dotdigital service including storage of customer data. Azure conforms to many international and industry specific compliance standards. More information can be found on Azure’s Trust Center.
Microsoft uses 100% renewable energy and has been carbon neutral since 2012. More information can be found on Microsoft’s “Climate” page.

Google Cloud Platform
For the provision of the dotdigital service including storage of customer data. Google conforms to many international and industry-specific compliance standards. More information can be found on Google Cloud Platform’s Security page.
Google uses 100% renewable energy, has been carbon neutral since 2007, and has conformed to ISO 50001 since 2013. More information can be found on Google’s sustainability page.
Re-ordered, moving Google up, and pushing Amazon down
New text

Cloudflare
For Content Delivery Network (CDN) and web proxy services. More information can be found on Cloudflare’s Privacy & Security page.
Cloudflare uses 100% renewable energy and has been carbon neutral since 2018. More information can be found on Cloudflare’s “The Climate and Cloudflare” blog post.

Amazon Web Services
For provision of supporting network services and client image storage. AWS conforms to many international and industry-specific compliance standards. More information can be found on AWS’s compliance page.
We only use AWS servers running on 100% renewable energy. More information can be found on AWS’s sustainability page.

GGR Communications
Used for network management and inter-data center connectivity. Interxion Data Center Space for our email delivery services. GTT Internet connectivity for our email delivery services. Zayo Internet connectivity for our email delivery services. MagneticOne Suppliers of integration platforms for clients wanting to link their dotdigital account to supported third party e-commerce systems.

GTT
Internet connectivity for our email delivery services.

Markley Group
Data center space for our email delivery services.

Zayo Group
Internet connectivity for our email delivery services.

MagneticOne
Suppliers of integration platforms for clients wanting to link their dotdigital account to supported third party e-commerce systems.

Phoenix47 Ltd
Out of hours weekend telephone and email first line support.

Elasticsearch
Used in the processing and storing of system logs.

Raygun
Used in the processing and storing of system logs.

Partner Hero

Microsoft Azure
For the provision of the dotdigital service including storage of customer data. Azure conforms to many international and industry specific compliance standards. More information can be found on Azure’s Trust Center.
Microsoft uses 100% renewable energy and has been carbon neutral since 2012. More information can be found on Microsoft’s “Climate” page.

Google Cloud Platform
For the provision of the dotdigital service including storage of customer data. Google conforms to many international and industry specific compliance standards. More information can be found on Google Cloud Platform’s Security page.
Google uses 100% renewable energy, has been carbon neutral since 2007, and has conformed to ISO 50001 since 2013. More information can be found on Google’s sustainability page.

Cloudflare
For Content Delivery Network (CDN) and web proxy services. More information can be found on Cloudflare’s Privacy & Security page.
Cloudflare uses 100% renewable energy and has been carbon neutral since 2018. More information can be found on Cloudflare’s “The Climate and Cloudflare” blog post.

Amazon Web Services
For provision of supporting network services and client image storage. AWS conforms to many international and industry-specific compliance standards. More information can be found on AWS’s compliance page.
We only use AWS servers running on 100% renewable energy. More information can be found on AWS’s sustainability page.

GGR Communications
Used for network management and inter-data center connectivity.

Webqem
Data Centre space and internet connectivity for email delivery services

MagneticOne
Suppliers of integration platforms for clients wanting to link their dotdigital account to supported third party e-commerce systems.

First Option Technical Support
Out of hours weekend telephone and email first line support.

Elasticsearch
Used in the processing and storing of system logs.

Raygun
Used in the processing and storing of system logs.

Partner Hero