Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

For an update to security vulnerabilities please see information on the bottom of the page!

Here at Sinch Email (Mailgun, Mailjet and Email On Acid) we take security and privacy seriously. On this Security Status Page you can find an overview of our internal security program. You can also request access to our audit reports and security policies for review.

Send us a note at security@mailgun.com if you have any additional questions.

Documents

Featured Documents

COMPLIANCEISO 27001
Trust Center Updates

DORA Compliance

Compliance
Copy link

Sinch has written agreements with customers, third parties and sub-contractors that meet or exceed the requirements set forth by DORA. Reporting obligations, notifications, exit strategies, business continuity, and general security requirements are in place to ensure data is protected and available to align with contractual obligations and known regulations (DORA included). This is tested as part of our ISO 27001:2022 audit and SOC 2 annual audits.

We have an addendum to our services agreement that are more tailored to our specific services and the sub-processors used. Please visit https://powerforms.docusign.net/00d7d864-ab6a-43a5-9f0d-46cc2d127f66?env=na3&acct=f41dab26-3adc-4e3d-a829-50cd5536ba58&accountId=f41dab26-3adc-4e3d-a829-50cd5536ba58 if you wish to execute our standard addendum, and you will receive a copy once signed.

Published at N/A

Salt Typhoon Impact

Vulnerabilities
Copy link

Sinch has taken steps to investigate any impact or vulnerabilities following the Salt Typhoon cyberattack, a sophisticated intrusion linked to foreign state-sponsored actors. We have followed CISA's hardening recommendations including improving visibility, reducing existing vulnerabilities, eliminating common misconfigurations, and limiting the attack surface.

Evaluation of our systems has validated that there is no evidence of any impacts to our organization. The confidentiality, integrity, and availability of our systems remain unharmed. Sinch is committed to protecting your data and has established and implemented administrative, technical, and physical safeguards in place. For further details regarding our security program, please review the information on this Trust Center.

Published at N/A

Data Privacy Framework

Compliance
Copy link

Mailgun Technologies, Inc. has self-certified for the EU-US Data Privacy Framework but will not be listed on the active companies listing until the next update of our Privacy Policy which is expected on Jan. 15th, 2025. We expect the self certification approval shortly afterwards.

Published at N/A

Mailgun Technologies, Inc., US company, part of the Sinch group, has submitted its self-certification application and is awaiting the response on the DPF. Given the large number of applications, the Dept of Commerce is taking more than anticipated in reviewing them. Please continue to check the active list of certified companies to see our company registered. In any event, we will continue to adhere to the strictest standards of data privacy and continue to maintain adequate and supplemental technical and organizational measures for any and all transfers to and from the US and EU.

Published at N/A

Mailgun Technologies, Inc. is currently evaluating its participation and self-certification into the Data Privacy Framework. Please note that the self-certification is voluntary, and the Data Privacy Framework applies nonetheless since July 10, 2023. We will continue to adhere to the strictest of standards of data privacy and continue to maintain adequate and supplemental technical and organizational measures for any transfers to and from the US and EU.

Published at N/A

SOC2 Type I for Sinch Messaging API - SMS, Sinch Messaging API - MAD, Nobill, Rialto

Compliance
Copy link

Sinch has completed its SOC2 Type I for Sinch Messaging API - SMS, Sinch Messaging API - MAD, Nobill, and Rialto. The report is now available for download from our Trust Center.

Published at N/A

SOC2 Type II for Mailgun Technologies (Mailgun, Mailjet and Email on Acid services) is now available!

Compliance
Copy link

Mailgun Technologies, Inc has completed its SOC2 Type II for Mailgun, Mailjet and Email on Acid Services for the August 1, 2023 to July 31, 2024 period. The report is now available for download from our Trust Center.

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo