Your data is in safe hands with ContactMonkey
Your security comes first in everything we build. With advanced infrastructure, automation, and constant monitoring, your data is always protected.
Certified from the start
SOC 2 Type 2 certified
Our completion of the AICPA SOC 2 Type 2 audit affirms that our security practices, policies, and operations meet the highest industry standards.
GDPR compliant
ContactMonkey complies with GDPR and allows data erasure requests under our GDPR Erasure Policy. Our Data Processing Addendum is available to all customers.
Secure single sign-on
Available on our Enterprise plans, ContactMonkey integrates with SAML 2.0 providers (by request) for single sign-on.
End-to-end security you can trust
Enjoy fast and reliable enterprise-grade security for your internal communications.
Data security
- Automated backups: ContactMonkey’s databases are regularly backed up to protect customer data and ensure it’s easily recoverable in case of disruptions.
- Data encryption: All data is encrypted at rest using AES-256 and in transit using TLS v1.2 to protect your information from unauthorized access.
- Multi-region strategy: Have your data close to home. Our application is available in the USA, Western Europe, Australia and Asia Pacific, and Canada.
Environment security
- Cloud leverage: We use Amazon Web Services (AWS) for cloud infrastructure hosting and services.
- Continuous monitoring: Our platform is continuously monitored by experts to ensure safety.
- Vetted vendors: All third-party vendors are evaluated for SOC 2 compliance and best practices.
- Proactive alerts: Our engineering team swiftly addresses newly detected vulnerabilities.
- Access control: Production environment access is tightly controlled with least privilege standards.
External security assessment
- Third-party testing: Annual independent penetration testing ensures robust security.
- SOC 2 verification: Annual SOC 2 audits by independent auditors validate our adherence to top security standards.
“ContactMonkey makes me feel confident that my emails are going to the right audience in a secure and confidential way.”
Caitlin Z
Enterprise company (>1,000 employees)
Secure software delivery
- Secure development & integration: All projects follow secure development principles and undergo review to ensure protection from the start.
- Manual & automated testing: All system changes undergo thorough automated and manual testing before production deployment.
- Peer-reviewed code: All system changes are peer-reviewed and tested by our engineers to guarantee secure delivery to production.
Security-ready team
- Annual security training: Mandatory employee security training ensures all staff are vigilant and prepared.
- Rigorous screening: All employees and contractors undergo background checks as per local laws and industry standards.
- Confidentiality: Signed agreements uphold the protection of sensitive information.
- Security & risk management team: Our multi-department Security & Risk Management team oversees company-wide security.
Security FAQs
Taking control of your ContactMonkey data is easy. Simply send us a message at support@contactmonkey.com with clear instructions on what you want deleted. We’ll swiftly process your request and get back to you within 30 days.
Learn moreYour team can make data-driven decisions with confidence by using ContactMonkey’s dashboard, which provides powerful analytics from open rates and link clicks to read times, locations, and more.
Learn moreYou bet. Your data’s under lock and key! With ContactMonkey, your info is strictly for analytics in internal comms. We store sender/recipient email addresses, subject lines, and optional email bodies upon sending. Once opened, we track recipient IPs and device user agents. Plus, we’ve got AES 256 encryption at rest and TLS 1.2 in transit for added security.
Learn moreWith ContactMonkey’s email builder, users can create responsive HTML templates and emails right from our SaaS platform. Once created, they’re saved as JSON and HTML in our database, giving users easy access to view and modify them whenever they want. You’ve got the power to delete them entirely, wiping them from our database. Plus, emails made and sent via rich text? They don’t linger on our servers, providing extra peace of mind.
Learn moreAre you a security researcher? Do you think you have found a vulnerability in the ContactMonkey system? We are happy to connect with you via security@contactmonkey.com. Please be aware that at this time that ContactMonkey is not operating a bug bounty program.
Learn moreGot security questions?
Fill out this form, and we’ll get back to you soon. Or, email us directly at security@contactmonkey.com.
Top-voted internal comms software on