EXCLAIMER TRUST CENTER

Learn more about Exclaimer’s approach to security, trust, privacy, and compliance.

ISO/IEC 27001 Certification

ISO/IEC 27001 Certification

The ISO/IEC 27001 Certification is an international standard on how to manage information security. Providing requirements for an information security management system (ISMS), the ISO/IEC 27001 Certification means third-party accredited independent auditors regularly perform thorough assessments to confirm it operates in alignment with ISO security standards. The standard adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining, and improving your ISMS.

Exclaimer has a comprehensive set of information security policies that are based on the ISO/IEC 27001 information security standard and has been accredited since 2016 by the BSI (British Standards Institution), the gold standard for ISO compliance requirements.

References:

General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (EU) 2016/679 was implemented on 25 May 2018, affecting all companies that process personal data of European Union (EU) and European Economic Area (EEA) citizens.

Exclaimer is fully committed to full EU GDPR compliance across all our products and services. It is also regularly audited to ensure total compliance with this regulation. The UK post-Brexit also maintains an equivalent data protection regime that came into effect on 1 January 2021.

References:

California Consumer Privacy Act

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act was put into action on 1 January 2020 and is the first comprehensive privacy law in the United States. This statute enhances privacy rights and consumer protection for all residents of the State of California, operating in a similar capacity to GDPR.

For commercial customers doing business in California, Exclaimer is classified as a “service provider” with respect to our cloud-based email signature management offering. As we already comply with all laws and regulations applicable to the provision of online cloud services, we fulfil all of the requirements of CCPA.

Cloud Security Alliance (CSA) STAR Certification

Cloud Security Alliance (CSA) STAR Certification

The CSA STAR Certification is an assurance framework, enabling cloud service providers to embed cloud-specific security controls. The technology-neutral certification leverages the requirements of the ISO/IEC 27001 management system standard together with the CSA’s Cloud Controls Matrix. The CSA is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

Exclaimer is also a Corporate Member of the CSA, placing it in the company of an elite set of organizations that have shown dedication to the best cloud security practices.

References:

Payment Card Industry Data Security Standard (PCI DSS)

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.

Exclaimer’s online store, store.exclaimer.com, is tested quarterly to see if it meets PCI data security requirements. This ensures that high security standards are maintained, protecting credit card and other sensitive data.

SecurityScorecard

SecurityScorecard

SecurityScorecard is a comprehensive cyber security risk ratings platform that continuously monitors and rates the cybersecurity health of organizations.

It instantly identifies vulnerabilities, active exploits, and advanced cyber threats to help Exclaimer rigorously protect your business and strengthen our security posture. Exclaimer has an 'A' rating, making it one of the most secure cloud-based solutions available.

Google OAuth Assessment

Google OAuth Assessment

Google requires that any third-party application accessing or storing personal data must undergo annual app verification. This rigorous assessment confirms that Exclaimer handles data securely, has policies and procedures in place to manage encryption and vulnerabilities, that keys are stored in the most secure manner, and many other security requirements. This assessment ensures that Exclaimer meets the strictest security requirements for both our Google and Microsoft customers.