Spambrella is committed to putting you, our customer, first. This starts with protecting the data that you have entrusted in us for analysis. Earning the privilege to protect your people, data, and brand from advanced threats and compliance risks means being transparent about our privacy, security, and compliance practices and policies.
The General Data Protection Regulation is an European Union (EU) data privacy legislation that strengthens rules about how the personal data of EU residents should be processed. It comes into effect on May 25, 2018. If you have end users, customers and employees in the EU—even if you’re based somewhere else—you (and all your third party processors) must comply with the regulation’s new principles.
SPAMBRELLA AND GDPR
As a data processor, Spambrella is committed to maintaining the privacy, confidentiality, and transparency of the personal data entrusted to us. We will be publishing an ongoing series of white papers that describe how Spambrella’s solutions enable you to comply with GDPR requirements such as responding to data subjects’ requests.
Additionally, Spambrella is committed to providing GDPR compliant services to our customers. Our services are designed with data security in mind and already have many GDPR compliant features built in. Additionally, we have carefully studied the GDPR’s requirements and have enhanced our products and services to better assist our customers with their GDPR compliance efforts.
Learn more about – Spambrella and the GDPR
ENTERING GDPR DATA PROCESSING AGREEMENT
You may enter into a GDPR Data Processing Agreement with Spambrella by following these instructions:
Download the PDF file titled ‘Spambrella GDPR DPA – Complete and sign the information block on the first page of the DPA, with the Controller’s (Partner/Customer) full legal entity name, address, and signatory information; and submit the completed and signed DPA to Spambrella via email to [email protected]
CERTIFICATIONS AND COMPLIANCE
As a data processor and importer, Spambrella is committed to maintaining the privacy and confidentiality of the personal data entrusted to us. We have a documented Information Security Program describing how technical and administrative security controls are implemented to protect personal data and the physical locations in which it is hosted.
Our sub-processor North American co-location facilities perform annual SOC 1 or SOC 2 audits and European co-location facilities maintain ISO 27001 certifications. All sub-processor access controls mechanisms are established for physical and logical access to the facilities and the infrastructure hosting the services.
All physical and logical access is logged and analyzed for inappropriate access. Physical security controls for the facilities hosting the services include 24×7 on-site security, local and remote security and environmental monitoring, and redundant power and environmental controls. Physical and logical access authentication for sub-processor personnel is performed using two-factor authentication and is granted based on the employee’s role.
Spambrella and our sub-processors have built state of the art automation tools, designed to ensure system integrity at the application level. A highly trained team of security professionals is responsible for documenting and deploying security controls. A separate team is responsible for performing Continuous Monitoring to ensure that these controls remain effective and in-place.
The infrastructure hosting the SaaS services is actively monitored with agents collecting hundreds of metrics specific to hardware, networking, and the OS. These metrics are compared against well-established baselines. Alerts are automatically generated when thresholds are crossed and escalation schemes are systematically enforced so that potential issues are addressed in a timely manner. Operations personnel are available 24 hours a day, 7 days a week to respond to any infrastructure issues.
DATA PROCESSING AGREEMENTS / MODEL CLAUSES (SCCs)
Spambrella enters into GDPR data processing agreements, which incorporate the 1995 EU Data Protection Directive’s Standard Contractual Clauses (also known as Model Clauses), with our customers. Customers can execute a GDPR data processing agreement by following the links above in the GDPR section of this page.
DATA SECURITY POLICY
Spambrella’s customers receive the contractual commitments of Spambrella regarding the customer’s data: security, breach notification, use of sub-processors, and rights to audit. These commitments are found in Spambrella’s DPA.
We fully understand you may have questions and we welcome contact. Please email our Data Protection Team here [email protected]
I found spambrella to be easy to set up and has dramatically reduced the number of spam emails hitting our inboxes. It was easy to 'train' the software to release any genuine emails that were caught or add any spam that was not picked up.
Within a couple of weeks of use virtually no spam arrived to our mailboxes. Spam and phishing emails are a growing problem for everyone I'm sure. I now get a very low incidence of spam.
Robust, versatile, and reliable...
The reliability of the service and the level of protection that it provides. My spam levels immediately dropped to near zero.
There are almost no false positives. And I'm easily able to customize the level of protection with whitelists, blacklists, and sensitivity settings. I'm also a big fan of the antivirus and URL scanning features.
Used the software for: 2+ years - 5/5 Overall
With an ever overloaded department, and with cybersecurity skills shortage getting worse securing the I.T infrastructure.
Offloading the task of e-mail filtering to Spambrella has dramatically helped in the department's performance. The only drawback in our case is that the service is hosted outside of our territory and thus out of the legal jurisdiction.
Easy to onboard my customers from another spam filtering system. Very fast and haven't had any downtime in the 9 months since I have moved to Spambrella. When I have had to use support, responses where quick. I had to move all my customers from another filtering system with little notice. After I moved my customers I realised how bad the old solution I used was. Contact with Sales and Support always been professional
The service is great at filtering bad email as well as junk email out while allowing clean email though. I have used a few other options over the years and this is the best I have found. Clients sometimes have trouble configuring their settings to how they want it to be. Or tag emails as approved when they shouldn't and need IT interaction to resolve. Maybe just ease of use or having a more clear way for clients to resolve basics on their own.
It doesn't require an arcane knowledge to set the Spam filtering up, the guides are straight to the point and support staff are very helpful. Functionality wise, in short: we do not get spammed. Thanks to Spambrella.
Archiving wise, the new solution is easy to use, searches well and fast and is by far the cheapest we could find at the time. Ten year retention rocks!
The number of fraudulent email circulations seems to grow with each passing day. Scammers use email fraud with the main motive of deceiving users for…
If you’re not in the IT industry, all the technical terms for malicious attacks on computer network systems can be confusing. It’s also pretty easy…
Impostor email attacks are a growing trend and problem. Attackers will target your employees, customers, and business partners with these advanced attacks. It is now…
Why are hackers increasing levels of Office 365 phishing attacks? This article will explain some key processes how and why Office 365 phishing attacks are…