Compliance & Certifications

Emailage security best practices.

We strive to be uncommonly customer-centric because we know how important your data is to you. That’s why security is top-of-mind for every member of our team. We are committed to providing industry-leading security and compliance best practices.


Our fault-tolerant data centers are geographically distributed and hosted within secure PCI, SSAE 16, SOC II compliant environments.


Security measures include firewalls, vulnerability scanning, distributed denial-of-service (DDoS) prevention and network posture assessment.


Our application interfaces and APIs use the most recent SSL encryption technology complemented by a strong authentication policy.



Service Organization Controls (SOC) is an audit framework for non-privacy principles that includes security, availability, processing integrity and confidentiality. Emailage completed our first independent third-party audit for SOC 2, completed Q1 2017. All Emailage data centers comply with leading security policies and frameworks, including SSAE 16, SOC framework, ISO 27001 and PCI DSS Level 1.

Cyber Essentials Certification

Cyber Essentials is a UK Government-backed, industry-supported certification scheme introduced in the UK to help organizations demonstrate operational security against common cyber-attacks.

It demonstrates the baseline security controls Emailage implements to mitigate the risk from common Internet-based threats. It is endorsed by the UK Government and backed by industry, including the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF).

Click here to download the Emailage Cyber Essentials certificate >>

Privacy Shield Framework

The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration. It provides companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.

International Association of Privacy Professionals

Emailage is proud to be a corporate member of the International Association of Privacy Professionals (IAPP). The IAPP is the world’s largest and most comprehensive information privacy community and resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally.

Your Security: Our Approach

Emailage utilizes advanced security technology. Here's an overview of our practices, policies and operations.

Security Audits

We regularly scan our systems for security vulnerabilities and perform third-party penetration tests annually. Only Emailage engineers have access to production environments and activity is regularly audited.

Privacy Policies

Strict data privacy policies block access to personal data and ensure it is only used to deliver the services configured. All Emailage employees are trained on privacy policies and notified of ongoing updates.

Employee Policies

All employees undergo thorough background checks prior to being hired and active employees participate in annual information security training.

Incident Report

We strictly follow an incident policy for responding to and reporting different vulnerability risks. Our Incident Response Team monitors alerts seven days a week.

Emailage Security & Compliance Overview

For a full rundown of how we work to implement security best practices, download our whitepaper:

Download Now

Join us in the one click-world

Fight fraud. Give your customers the experience they deserve.

Request A Demo