Skip to content


The Exclaimer Trust Center provides you with all of the latest information on the security, reliability, privacy, and compliance of our products and services.

View our certificates and accreditations. Find out more about our membership of Cloud Security Alliance (CSA). Access our Compliance and Trust Center (Powered by Conveyor) to read important documentation and Q&A.

Compliance and Trust Portal - Conveyor

Exclaimer wants to help security teams spend less time on vendor security reviews. Access 20+ documents, get the answers to over 300 questions, and track changes/updates automatically via our Compliance and Trust Center (Powered by Conveyor). Self-serve access to security information reduces the number of questions you might need to ask us and helps to build trust between vendor and customer.

Don’t take our word for it though, take a look at our independent public vendor review too.

ISO/IEC 27001 Certification

The ISO/IEC 27001 Certification is an international standard on how to manage information security. Providing requirements for an information security management system (ISMS), the ISO/IEC 27001 Certification means third-party accredited independent auditors regularly perform thorough assessments to confirm it operates in alignment with ISO security standards. The standard adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining, and improving your ISMS.

Exclaimer has a comprehensive set of information security policies that are based on the ISO/IEC 27001 information security standard and has been accredited since 2016 by the BSI (British Standards Institution), the gold standard for ISO compliance requirements.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (EU) 2016/679 was implemented on May 25, 2018, affecting all companies that process personal data of European Union (EU) and European Economic Area (EEA) citizens.

Exclaimer is fully committed to full EU GDPR compliance across all our products and services. It is also regularly audited to ensure total compliance with this regulation. The UK post-Brexit also maintains an equivalent data protection regime that came into effect on January 1, 2021.

Cloud Security Alliance (CSA) STAR Certification

The CSA STAR Certification is an assurance framework, enabling cloud service providers to embed cloud-specific security controls. The technology-neutral certification leverages the requirements of the ISO/IEC 27001 management system standard together with the CSA’s Cloud Controls Matrix. The CSA is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

Exclaimer is also a Corporate Member of the CSA, placing it in the company of an elite set of organizations that have shown dedication to the best cloud security practices.


NCSC Cyber Essentials

Cyber Essentials is the UK government-backed cyber security certification designed to protect your business, organization, or supplier from cyber threats. Achieving this certification demonstrates Exclaimer’s alignment with the five main Technical Security Controls, proving that our business is safe and secure.


The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.

Exclaimer’s online store,, is tested quarterly to see if it meets PCI data security requirements. This ensures that high security standards are maintained, protecting credit card and other sensitive data.


SecurityScorecard is a comprehensive cyber security risk ratings platform that continuously monitors and rates the cybersecurity health of organizations.

It instantly identifies vulnerabilities, active exploits, and advanced cyber threats to help Exclaimer rigorously protect your business and strengthen our security posture. Exclaimer has an 'A' rating, making it one of the most secure cloud-based solutions available.

Google OAuth Assessment

Google requires that any third-party application accessing or storing personal data must undergo annual app verification. This rigorous assessment confirms that Exclaimer handles data securely, has policies and procedures in place to manage encryption and vulnerabilities, that keys are stored in the most secure manner, and many other security requirements. This assessment ensures that Exclaimer meets the strictest security requirements for both our Google and Microsoft customers.

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act was put into action on January 1, 2020 and is the first comprehensive privacy law in the United States. This statute enhances privacy rights and consumer protection for all residents of the State of California, operating in a similar capacity to GDPR.

For commercial customers doing business in California, Exclaimer is classified as a “service provider” with respect to our cloud-based email signature management offering. As we already comply with all laws and regulations applicable to the provision of online cloud services, we fulfil all of the requirements of CCPA.

ACSC Essential 8

The Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies, in the form of the Strategies to Mitigate Cyber Security Incidents, to help organizations mitigate cyber security incidents caused by various cyber threats. The most effective of these are known as the Essential Eight.

Try for free today Your new email signature experience
is just a few clicks away