<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=979905748791482&amp;ev=PageView&amp;noscript=1">

Security
& Data Protection

The safety of your data is quintessential to the success of your chatbot. This is why we obsess over making every aspect of your solution secure.

Overview of our security measures

From day one, we have gone to great lengths to ensure our processes and solutions are secure. To organisations, big or small, using our services, data safety is a priority.

The sections below cover these security measures (and others) in more depth.

Talk to an expert

Third-party certifications

ubisend is compliant to several security certifications including ISO27001 and Cyber Essentials. These certifications are obtained following a strict and thorough review of the information security measures and processes we have in place. These reviews are carried out by independent third-party specialists and reassessed frequently.

GDPR-compliant

ubisend is compliant with the EU General Data Protection Regulation (GDPR), under the Data Protection Act 2018. This ensures the personal data that may flow through our solutions is secure. To learn more, you can refer to our privacy notice.

End-to-end encryption

ubisend encrypts all data in transit and at rest. This ensures that, in the unlikely event of a breach, sensitive data could not be accessed in plain text -- essentially adding several layers of complexity to maliciously reaching your data.

Certifications

ubisend cyberessential certification ubisend ISO27001 certification

Cloud & network

Unless otherwise requested, our infrastructure and services are hosted with Amazon AWS. AWS are, therefore, responsible for the security of the infrastructure (including physical access). Read AWS security policies.
To add a layer of security on top of the infrastructure, we encrypt all the data we send, receive, or host. Data is encrypted in transit with X.509 certificate based RSA-2048 SSL encryption. Both in transit and at rest, data is encrypted using the industry standard AES-256 encryption algorithm.
Our internal security team (IST) works in tandem with external teams of professionals to ensure all systems are monitored and operational.
Talk to our experts
chatbot security cloud and network
chatbot security codebase and environment

Codebase & environment

To protect ourselves from shipping faulty or vulnerable code, we have adopted a strict quality assurance (QA) process.
Our codebase is reviewed through both manual and automated tests. All code is built and tested by our CI/CD pipeline, ensuring no failing builds can be inadvertantly deployed, mitigating the risk of bugs being pushed to production.
To avoid cross-contamination and data leaks, we keep staging and development environments separate from the production environment. This ensures real product and personal data is never used in our test environments.
Talk to our experts

Access & APIs

Access to data and backend services is governed by a strict permission structure. This structure allows us to grant access on a highly granular level.
Access to the each environment (staging, development, and production) is manually granted to authorised personel. Once granted access, all personel must use multi-factor authentification.
Access to data through APIs and SDKs is done through keys, tokens, and secrets.
Talk to our experts
chatbot security api access
chatbot security employee training

Policies & training

All ubisend employees must complete and successfully pass security training. During security training, a qualified instructor covers all the points above including network access, password policies, clear desk policies, and more.
Whenever required, the Information Security Management Team (ISMT) updates the workforce of any changes to our policies.
All ubisend employees must sign non-disclosure and confidentiality agreements (NDAs).
Talk to our experts

Latest Insights