Security

We are nothing if we don't protect the security of our systems and data. Here's a summary of what we do to ensure your data and communications remain secure and compliant.

Enterprise-grade infrastructure

We provide robust security measures:

  • Data encryption: We automatically encrypt data at rest.
  • Secure data centres: Our infrastructure is hosted in secure, compliant data centres.
  • Regular security audits: We conduct regular third-party security assessments.
  • Automatic backups: We automatically maintain redundant backups of all customer data in isolated storage.

Compliance and data protection

We maintain compliance with major regulations:

  • GDPR compliance: Full compliance with European data protection regulations.
  • Cyber Essentials Certified: Our security practices have been independently assessed by IASME.
  • CAN-SPAM compliance: Adherence to US email marketing regulations.
  • ISO-27001 certified suppliers and partners: Our core infrastructure providers are compliant with ISO-27001 and SOC 2.
  • Privacy by design: Security and privacy built into our platform from the ground up.

Access control and authentication

Secure access to your EcoSend account:

  • Multi-factor authentication: Optional MFA for enhanced account security.
  • Role-based permissions: Control over user access and permissions.

Email authentication and protection

Protect your email sending infrastructure:

  • Built-in authentication setup: Easy configuration of SPF, DKIM, and DMARC records.
  • Encryption: We automatically encrypt data at rest.
  • Sender verification: Verification processes to prevent unauthorised sending.
  • Reputation monitoring: Monitoring of sending reputation and security status.

Dedicated to purpose-driven organisations

We're selective about who we serve, which helps maintain security:

  • Vetted customer base: We only serve purpose-driven organisations committed to ethical practices.
  • Shared security responsibility: We work with customers to maintain security best practices.
  • Transparent security practices: Open communication about our security measures and policies.
  • Security partnership: We view security as a partnership with our customers.

Protection from data loss

  • User accounts are segregated from one another through multiple layers of logic which prevent data sharing and overlap.
  • Our disaster recovery strategy uses a combination of snapshots of data and daily full backups to ensure there are multiple copies of data available to be restored.
  • Snapshots are designed to provide a quick recovery mechanism where the recovery can happen in minutes. Full backups are used when snapshots are not available to recover the data.
  • The architecture of the EcoSend platform enables our team to prioritise fixing and improving high impact services.

Specific requirements

We know every business is different. We work with our customers as a partner in their success.

When our customers succeed, we all succeed in driving our mission forward. And success is nothing without a foundation of trust.

Please get in touch with us to discuss your security requirements and learn more about what we can offer.

Security is everyone's job, and an ongoing commitment.

By following best practices and leveraging EcoSend's security features, you can protect your data, maintain compliance, and build trust with your subscribers.

Frequently asked questions

Is my data secure with EcoSend?

Absolutely. We use enterprise-grade encryption for all data in transit and at rest, maintain compliance with GDPR and other regulations, conduct regular security audits, and implement comprehensive access controls. Security is fundamental to our platform design and operations.

Does EcoSend comply with data protection regulations?

Yes, EcoSend maintains full compliance with GDPR, CAN-SPAM, and other relevant data protection regulations. We maintain privacy-by-design principles throughout our platform.

What security measures does EcoSend have in place?

EcoSend provides enterprise-grade security including data encryption, multi-factor authentication, role-based access control, comprehensive audit logging, 24/7 security monitoring, automatic backups, and secure data centre hosting. We also maintain strict access controls and conduct regular security assessments.

How does EcoSend protect against data breaches?

We implement multiple layers of protection including encryption, access controls, regular security audits, continuous monitoring, and incident response procedures. We also maintain strict data handling policies and provide security resources for our team and customers.

Last updated June 2026

Ready to grow with purpose?

Start sending smarter campaigns that build your brand and the planet.

Designed for mission-led brands • Good for your growth and your impact • Risk-free to try

Get Started Free

No credit card required. Cancel anytime.

Not ready to sign up yet?

Join our free weekly newsletter for ideas and tips on sending better emails.

Get the Weekly Newsletter