Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Welcome to Sinch's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.

For your convenience, we have broken down the trust center into four different buckets to better assist you with your Security and Compliance needs. You can navigate between products using the dropdown at the top of the page.

  • Sinch Messaging Products including • Sinch Campaigns • Sinch Chatlayer • Sinch ContactPro • Sinch MessengerPeople • Sinch Nova • Sinch NovaMMS • Sinch RTCx • Sinch SDI • Sinch4marketing • Sinch Wavy (LATAM) • Sinch Xura
  • Sinch Email Products including • Mailgun • Mailjet • Email on Acid
  • Sinch Voice Products including • Inteliquent • UCaaS • Phaxio • Acrobits
  • Sinch MessageMedia Products including • MessageMedia • ClickSend • Bulletin • SimpleTexting

Breaking security news can always be found at the bottom of the page. This includes breaking vulnerability news, issues with current products, and happenings at the company.

If you subscribe, you will be alerted when new audit reports are available. Drop us a question and we will respond directly back to you!

Documents

REPORTSOther Reports

Self-Assessments

We are working on our security compliance. We can provide completed questionnaires upon request.

App Security

We take application security seriously and are putting together a program to monitor internal apps.

Access Control

Access is tightly monitored and controlled at our company. We are happy to provide more details about our access control practices upon request.

Network Security

We protect our corporate network against external & internal threats.

Trust Center Updates

DORA Compliance

Compliance
Copy link

Sinch has written agreements with customers, third parties and sub-contractors that meet or exceed the requirements set forth by DORA. Reporting obligations, notifications, exit strategies, business continuity, and general security requirements are in place to ensure data is protected and available to align with contractual obligations and known regulations (DORA included). This is tested as part of our ISO 27001:2022 audit and SOC 2 annual audits.

We have an addendum to our services agreement that are more tailored to our specific services and the sub-processors used. Please visit https://powerforms.docusign.net/00d7d864-ab6a-43a5-9f0d-46cc2d127f66?env=na3&acct=f41dab26-3adc-4e3d-a829-50cd5536ba58&accountId=f41dab26-3adc-4e3d-a829-50cd5536ba58 if you wish to execute our standard addendum, and you will receive a copy once signed.

Published at N/A

Salt Typhoon Impact

Vulnerabilities
Copy link

Sinch has taken steps to investigate any impact or vulnerabilities following the Salt Typhoon cyberattack, a sophisticated intrusion linked to foreign state-sponsored actors. We have followed CISA's hardening recommendations including improving visibility, reducing existing vulnerabilities, eliminating common misconfigurations, and limiting the attack surface.

Evaluation of our systems has validated that there is no evidence of any impacts to our organization. The confidentiality, integrity, and availability of our systems remain unharmed. Sinch is committed to protecting your data and has established and implemented administrative, technical, and physical safeguards in place. For further details regarding our security program, please review the information on this Trust Center.

Published at N/A

Data Privacy Framework

Compliance
Copy link

Mailgun Technologies, Inc. has self-certified for the EU-US Data Privacy Framework but will not be listed on the active companies listing until the next update of our Privacy Policy which is expected on Jan. 15th, 2025. We expect the self certification approval shortly afterwards.

Published at N/A

Mailgun Technologies, Inc., US company, part of the Sinch group, has submitted its self-certification application and is awaiting the response on the DPF. Given the large number of applications, the Dept of Commerce is taking more than anticipated in reviewing them. Please continue to check the active list of certified companies to see our company registered. In any event, we will continue to adhere to the strictest standards of data privacy and continue to maintain adequate and supplemental technical and organizational measures for any and all transfers to and from the US and EU.

Published at N/A

Mailgun Technologies, Inc. is currently evaluating its participation and self-certification into the Data Privacy Framework. Please note that the self-certification is voluntary, and the Data Privacy Framework applies nonetheless since July 10, 2023. We will continue to adhere to the strictest of standards of data privacy and continue to maintain adequate and supplemental technical and organizational measures for any transfers to and from the US and EU.

Published at N/A

SOC2 Type I for Sinch Messaging API - SMS, Sinch Messaging API - MAD, Nobill, Rialto

Compliance
Copy link

Sinch has completed its SOC2 Type I for Sinch Messaging API - SMS, Sinch Messaging API - MAD, Nobill, and Rialto. The report is now available for download from our Trust Center.

Published at N/A

SOC2 Type II for Mailgun Technologies (Mailgun, Mailjet and Email on Acid services) is now available!

Compliance
Copy link

Mailgun Technologies, Inc has completed its SOC2 Type II for Mailgun, Mailjet and Email on Acid Services for the August 1, 2023 to July 31, 2024 period. The report is now available for download from our Trust Center.

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo