As a provider of high-volume email solutions to thousands of companies around the globe, data privacy is a topic that SocketLabs takes very seriously. While protecting customer data has always been critically important, recently minted regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) in the US are raising the stakes for businesses around the world in the form of dramatic fines and penalties. Increased enforcement of these regulations is a major concern for many SaaS companies, but SocketLabs – through our relationship with a leading privacy strategy and consulting firm – has taken a leadership position in this arena.
SocketLabs Privacy Pledge
SocketLabs is committed to protecting our customers’ data – period.
We don’t use, sell, or package customer data for any secondary commercial purpose. Customer data is only used for providing our industry-leading email delivery service. And the process is simple:
- Customer data is securely uploaded into the SocketLabs cloud platform
- The customer maintains control of that data
- The data is ONLY used for sending email
Our goal is to be at the forefront of the dynamic and increasingly complex privacy/compliance landscape. To that end, we are constantly challenging ourselves to go “above and beyond” industry and client requirements. The partnership with VeraSafe ensures that we live by these words and embrace them in our daily operations.
A Culture of Privacy and Compliance
With offices in the US and the Czech Republic, VeraSafe provides an array of privacy and cyber-security solutions which address compliance with various US and international privacy laws, including GDPR compliance. Their independent, third-party privacy compliance verification service ensures that Socketlabs:
- Complies with a high standard for privacy and data protection,
- Maintains appropriate internal policies and procedures pertaining to privacy and data protection, and
- Stays compliant over time by completing an annual audit of our data protection management system.
As a result, SocketLabs customers can have peace of mind knowing that their data (and their customers’ data) is handled with the same degree of care and concern that they provide themselves– or better.
With VeraSafe’s guidance, SocketLabs has updated our privacy policies, reviewed our internal procedures, and ensured that our 3rd party vendors are doing the same to protect our customers’ data. They help ensure that we are in alignment with both current regulations and our customers’ data protection requirements. Further, SocketLabs can provide the supporting documentation required to evidence our compliance and support customers’ own internal compliance audits.
Supporting Email and Data Privacy
Because handling customer data is central to providing our email service, SocketLabs has always taken a strong stance with respect to privacy and security. Trust is paramount because we ask our customers to trust us with their data millions of times every day. VeraSafe has helped us take several specific steps to build this trust by proactively meeting the challenges of today’s dynamic, internet-driven economy:
Privacy Shield Certification
SocketLabs is Privacy Shield Certified, and complies with the Privacy Shield Principles including:
-
- Data integrity and purpose limitation
- Data security and privacy notice
- Accountability for third-party data transfers, and
- Conducting annual Privacy Shield compliance verification
GDPR Compliance
SocketLabs offers a GDPR-compliant Data Processing Addendum to address customers’ data protection requirements. VeraSafe’s Matthew Joseph, Chairman of their Privacy, Data Protection and Cybersecurity Practice, serves as our GDPR Data Protection Officer and provides ongoing GDPR support. VeraSafe Ireland Limited serves as SocketLabs’ EU Data Protection Representative in accordance with Article 27 of the GDPR.
Data Security Practices
VeraSafe’s attorneys and certified privacy and IT security consultants regularly conduct a range of in-depth IT security reviews to help ensure the security of SocketLabs’ platform. These include penetration testing of our web-facing apps as well as detailed vendor risk assessments.
Our ongoing relationship with VeraSafe will ensure that these protections are regularly maintained and updated, and that we are able to proactively mature our data protection management before new regulations or compliance practices emerge. For more information regarding SocketLabs’ data privacy and security practices, contact our Infrastructure and Security team