Security of email data, and especially Personally Identifiable Information (PII), is of paramount importance to Context.IO. In conjunction with our parent company, Return Path, we have instituted a number of best practices and oversight measures to ensure the security of your data. These include:
- All client and consumer data is encrypted during transit using strong encryption mechanisms.
- All PII is redacted within a tightly controlled data processing environment with limited access.
- The redaction process removes any PII that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual.
In addition to these measures, Return Path conducts periodic reviews of our security policies and practices through independent third-party auditing services, including ISO certifications and Statements on Standards for Attestation Engagements No. 16 (SSAE 16) Reporting on Controls at a Service Organization (SOC 2) Audits, as well as internal auditing services and other assessments deemed appropriate. We also audit our systems and software weekly to ensure their security.
What is the EU-US Privacy Shield Framework?
Return Path is very proud to be a certified member of the the EU-US Privacy Shield program. The EU-US Privacy Shield Framework is the successor of the previously invalidated EU-US SafeHarbor program. Privacy Shield was designed by the U.S. Department of Commerce in conjunction with the European Commission to provide companies in both regions a way to comply with EU data protection requirements when transferring personal data from the European Union to the United States.
Membership in this program is yet another demonstration of our commitment to protecting data and adhering to the highest standards of PII protection.
How Does Context.IO Store Data?
Context.IO only stores data needed when absolutely necessary. We follow industry standard best practices when handling any kind of sensitive information, including SSL and strong encryption.
We also are audited by 3rd parties such as TRUSTe to verify that all data is absolutely safe. Our parent company, Return Path, has a Chief Privacy Officer, who is focused on making sure that everyone’s data is secure.
While we prefer that email providers offer Oauth, we’re completely confident that your user’s credentials are safe with us if we need their name and password to connect.
How Does Context.IO Use the Data?
Email accounts connected through Context.IO are included in the Return Path Panel, an anonymized and aggregated report about commercial email campaigns these accounts receive.
When we say “anonymized and aggregated”, what we mean is if you take any random record from that report it will be impossible for you to trace it back to a single origin email account, let alone know who owns that email account.
These anonymized and aggregated reports are used to power some of Return Path’s products to improve the email ecosystem, such as spam prevention, and email deliverability tools, among others.
Does Context.IO have a proven track record for security?
Yes! We’ve been helping developers build applications using email data for over 5 years, and have safely and securely connected over a million email accounts. Please reach out to us directly at firstname.lastname@example.org if you have more questions or would like more information.