WhatsApp is now live on Dotdigital
Book a demo
  • Products

    • Customer experience and data platform

      For marketing teams serious about exceptional CX

      Learn more »
    • Email and SMS automation platform

      For marketers ready to personalize at scale

      Learn more »
    • Ecommerce personalization platform

      For brands ready to turn browsers into buyers

      Learn more »

    Popular

    • Website personalization
    • Cross-channel marketing
    • SMS marketing
    • WhatsApp
    • Retargeting
    • Transactional messaging
    • Acquisition
    • Customer data
    • Real-time APIs
    • Single customer view
    • Segmentation
    • Marketing attribution
    • Communications API
    • What's new

    The Dotdigital difference

    • WinstonAI™ by Dotdigital

      Reduce your workload, spark creativity and uncover data-driven revenue opportunities.

    • Services and support

      Our team of experts is here to help you overcome every marketing challenge.

    • Why Dotdigital?

      Our focus on privacy, security, and sustainability make the difference.

  • Industries

    • Finance
    • Travel
    • Fashion
    • Education
    • Hospitality
    • B2B
    • Not-for-profit
    • Ecommerce
    • View industry stories

    Neal’s Yard Remedies

    Neal’s Yard Remedies transforms cart abandonment success with 419% increase in revenue

    Learn more »
  • Partnerships

    • Integration partners

      Enhance your tech stack with our partners

    • Agency partners

      Solve complex problems with our partners

    • Become a partner

    Popular integrations

    • Adobe Commerce
    • BigCommerce
    • Shopify
    • Trustpilot
    • Microsoft Dynamics
    • Salesforce
    • Shopware
    • Oracle NetSuite

    Featured partners

    • Donorfy
    • Overdose Digital
    • Silverbear
    • Shopline
  • Success

    • Blog

      Learn how to engage your customers

    • Guides

      Get best practices and insights from experts

    • Case studies

      See the success of Dotdigital's customers

    • Events and webinars

      Hear from industry experts and leaders

    Platform learning

    • Help center
    • Developer hub
    • Dotdigital Academy
    • Trust center

    The Loyalty Divide

    The report bridging the gap between what customers want and what marketers are creating.

    Learn more »
  • Pricing
Login Request demo

Trust Center

Technical and Organizational Security Measures

Dotdigital’s Information Security Management System (ISMS) has been built around the ISO 27001 framework; designed to preserve the Confidentiality, Integrity, and Availability (CIA) of Information. This is managed by a dedicated Information Security Team and is bolstered by Data Protection, Privacy, and Compliance programs which are overseen by our Data Protection Officer (DPO). Set out below are some of the controls and measures we take in the protection of information stored and processed in Dotdigital Software as a Service applications, including Fresh Relevance:

Pseudonymisation and Encryption

  • Data is transferred over TLS.
  • Data is secured at rest using AES encryption.
  • Emails campaigns are sent using opportunistic TLS, using authentication and validation systems such as DKIM and DMARC
  • Platform passwords are one-way hashed.
  • Email addresses are hashed when written to MTA logs

Confidentiality

  • Network Firewalls rules govern what can access our infrastructure.
  • Web Application Firewalls detect and block malicious web requests.
  • Role-based permissions are used to control staff access to systems and data.
  • Our web login page and API enforce rate limiting to protect against brute force attacks.
  • Web portal login can be further protected by optional two-factor authentication.
  • Staff administrative access to infrastructure is tightly controlled and employs multi-factor authentication protection.
  • A monthly patching cycle is in place to ensure the latest security updates have been applied
  • Your account access rights (import, export, read, write and send) are configurable to your needs and managed by your administrator user.
  • All your users are set up in the platform by your administrator. Verification is by email and SMS.
  • Annual independent penetration testing is performed by Crest Accredited security consultancies.
  • Annual Cyber Essentials Plus audits
  • An ongoing vulnerability scanning and management program is in place
  • Accounts (and the data within them) are deleted 90 days after cancellation

Integrity

  • All data is virus scanned when uploaded to the platform.
  • Virus scan technology is implemented throughout our infrastructure.
  • Machines are built from approved hardened images and verified in third party security assessments.
  • Our Watchdog service constantly monitors customer contact uploads. If these change from a usual pattern it automatically stops uploading. This process also protects our customers from sending to spam traps that can affect delivery
  • Employees are DBS checked
  • Event logging and account auditing is in place

Availability

  • Only Cloud Service Providers with industry-leading uptime SLA’s are used
  • Our data centers are connected to the internet with redundant internet links and bandwidth can be easily upgraded on requirement.
  • Business continuity and Disaster Recovery policies and procedures are in place and are tested.
  • There is redundancy at every component and service level, as well as spare capacity, so we can scale our servers on demand. This means Dotdigital can continue to run for prolonged periods even after experiencing major component failures, and we don’t run out of space.
  • We have restore points for critical data taken every 5 minutes. Backup data is securely kept in the same geographic regions, yet sufficiently distant to ensure data is not lost in the event of a disaster, whilst complying with local data protection regulations.
  • The platform employs anti-DoS and DDoS technology.

Table of Contents

  • Pseudonymisation and Encryption
  • Confidentiality
  • Integrity
  • Availability
  • PLATFORM
    • Explore our platform
    • Marketing automation
    • Email marketing
    • SMS marketing
    • Why Dotdigital
    • Platform tour
    • Start a trial
    • Request demo
  • COMPANY
    • About
    • Sustainability
    • Careers
    • Media center
    • Partner portal
    • Become a partner
    • Investor relations
    • Contact us
  • Learning
    • Developer hub
    • Help center
    • Dotdigital Academy
    • Trust center
    • Events
    • Videos
    • Guides
    • Dotdigital blog
  • SUBSCRIBE TO DOTDIGITAL
    This field is for validation purposes and should be left unchanged.

    Your email address will be handled in accordance with our Privacy Policy. We gather data around email opens & clicks using standard technologies including clear gifs to help us monitor and improve our newsletter.

Privacy Policy / Terms of Use / Cookie Use Policy / Modern Slavery Act Transparency Statement / Dotdigital Investor Relations

Dotdigital is a trading name of dotdigital EMEA Limited (company number: 03762341) whose registered office is at No. 1 London Bridge, London, SE1 9BG.