<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=979905748791482&amp;ev=PageView&amp;noscript=1">

Security
& Data Protection

The safety of your data is essential.

This is why we obsess over making every aspect of ubisend secure.

ubisend about header illustration

Overview of our security measures

From day one, we have gone to great lengths to ensure our processes and solutions are secure. To organisations, big or small, using our services, data management is a priority.

Talk to an expert
ubisend one dot icon

Third-party certifications

ubisend is compliant to several security certifications including ISO27001 and Cyber Essentials. These certifications are obtained following a strict and thorough review of the information security measures and processes we have in place. These reviews are carried out by independent third-party specialists and reassessed frequently.

ubisend blob icon

GDPR-compliant

ubisend is compliant with the EU General Data Protection Regulation (GDPR), under the Data Protection Act 2018. This ensures the personal data that may flow through our solutions is secure. To learn more, you can refer to our privacy notice.

ubisend three icon

End-to-end encryption

ubisend encrypts all data in transit and at rest. This ensures that, in the unlikely event of a breach, sensitive data could not be accessed in plain text -- essentially adding several layers of complexity to maliciously reaching your data.

Certifications

ubisend cyberessential certification ubisend ISO27001 certification

Cloud & network

Unless otherwise requested, our infrastructure and services are hosted with Amazon AWS. AWS are, therefore, responsible for the security of the infrastructure (including physical access). Read AWS security policies.
To add a layer of security on top of the infrastructure, we encrypt all the data we send, receive, or host. Data is encrypted in transit with X.509 certificate-based RSA-2048 SSL encryption. Both in transit and at rest, data is encrypted using the industry-standard AES-256 encryption algorithm.
Our internal security team (IST) works in tandem with external teams of professionals to ensure all systems are monitored and operational.
Talk to our experts
ubisend four dots chatbot security cloud and network
ubisend four dots chatbot security codebase and environment

Codebase & environment

To protect ourselves from shipping faulty or vulnerable code, we have adopted a strict quality assurance (QA) process.
Our codebase is reviewed through both manual and automated tests. All code is built and tested by our CI/CD pipeline, ensuring no failing builds can be inadvertently deployed, mitigating the risk of bugs being pushed to production.
To avoid cross-contamination and data leaks, we keep staging and development environments separate from the production environment. This ensures real product and personal data is never used in our test environments.
Talk to our experts

Access & APIs

Access to data and backend services is governed by a strict permission structure. This structure allows us to grant access on a highly granular level.
Access to each environment (staging, development, and production) is manually granted to authorised personnel. Once granted access, all personnel must use multi-factor authentification.
Access to data through APIs and SDKs is done through keys, tokens, and secrets.
Talk to our experts
ubisend four dots chatbot security api access
ubisend four dots chatbot security employee training

Policies & training

All ubisend employees must complete and successfully pass security training. During security training, a qualified instructor covers all the points above including network access, password policies, clear desk policies, and more.
Whenever required, the Information Security Management Team (ISMT) updates the workforce of any changes to our policies.
All ubisend employees must sign non-disclosure and confidentiality agreements (NDAs).
Talk to our experts

Latest Insights