Spambrella – Trust & Privacy

GDPR Regulation

Spambrella is committed to putting you, our customer, first. This starts with protecting the data that you have entrusted in us for analysis. Earning the privilege to protect your people, data, and brand from advanced threats and compliance risks means being transparent about our privacy, security, and compliance practices and policies.

GDPR

The General Data Protection Regulation is an European Union (EU) data privacy legislation that strengthens rules about how the personal data of EU residents should be processed. It comes into effect on May 25, 2018. If you have end users, customers and employees in the EU—even if you’re based somewhere else—you (and all your third party processors) must comply with the regulation’s new principles.

SPAMBRELLA AND GDPR

As a data processor, Spambrella is committed to maintaining the privacy, confidentiality, and transparency of the personal data entrusted to us. We will be publishing an ongoing series of white papers that describe how Spambrella’s solutions enable you to comply with GDPR requirements such as responding to data subjects’ requests.

Additionally, Spambrella is committed to providing GDPR compliant services to our customers. Our services are designed with data security in mind and already have many GDPR compliant features built in. Additionally, we have carefully studied the GDPR’s requirements and have enhanced our products and services to better assist our customers with their GDPR compliance efforts.

Learn more about  Spambrella and the GDPR

ENTERING GDPR DATA PROCESSING AGREEMENT

You may enter into a GDPR Data Processing Agreement with Spambrella by following these instructions:

Download the PDF file titled Spambrella GDPR DPAComplete and sign the information block on the first page of the DPA, with the Controller’s (Partner/Customer) full legal entity name, address, and signatory information; and submit the completed and signed DPA to Spambrella via email to privacy@spambrella.com

CERTIFICATIONS AND COMPLIANCE

As a data processor and importer, Spambrella is committed to maintaining the privacy and confidentiality of the personal data entrusted to us. We have a documented Information Security Program describing how technical and administrative security controls are implemented to protect personal data and the physical locations in which it is hosted.

Our sub-processor North American co-location facilities perform annual SOC 1 or SOC 2 audits and European co-location facilities maintain ISO 27001 certifications. All sub-processor access controls mechanisms are established for physical and logical access to the facilities and the infrastructure hosting the services.

All physical and logical access is logged and analyzed for inappropriate access. Physical security controls for the facilities hosting the services include 24×7 on-site security, local and remote security and environmental monitoring, and redundant power and environmental controls. Physical and logical access authentication for sub-processor personnel is performed using two-factor authentication and is granted based on the employee’s role.

GDPR Regulation

Spambrella and our sub-processors have built state of the art automation tools, designed to ensure system integrity at the application level. A highly trained team of security professionals is responsible for documenting and deploying security controls. A separate team is responsible for performing Continuous Monitoring to ensure that these controls remain effective and in-place.

The infrastructure hosting the SaaS services is actively monitored with agents collecting hundreds of metrics specific to hardware, networking, and the OS. These metrics are compared against well-established baselines. Alerts are automatically generated when thresholds are crossed and escalation schemes are systematically enforced so that potential issues are addressed in a timely manner. Operations personnel are available 24 hours a day, 7 days a week to respond to any infrastructure issues.

DATA PROCESSING AGREEMENTS / MODEL CLAUSES (SCCs)

Spambrella enters into GDPR data processing agreements, which incorporate the 1995 EU Data Protection Directive’s Standard Contractual Clauses (also known as Model Clauses), with our customers. Customers can execute a GDPR data processing agreement by following the links above in the GDPR section of this page.

DATA SECURITY POLICY

Spambrella’s customers receive the contractual commitments of Spambrella regarding the customer’s data: security, breach notification, use of sub-processors, and rights to audit. These commitments are found in Spambrella’s DPA.

PRIVACY

Spambrella’s Privacy Policy can be found here – Privacy Policy

QUESTIONS?

We fully understand you may have questions and we welcome contact. Please email our Data Protection Team here privacy@spambrella.com

>

Related Case Studies

I found spambrella to be easy to set up and has dramatically reduced the number of spam emails hitting our inboxes. It was easy to 'train' the software to release any genuine emails that were caught or add any spam that was not picked up.

Within a couple of weeks of use virtually no spam arrived to our mailboxes. Spam and phishing emails are a growing problem for everyone I'm sure. I now get a very low incidence of spam.

David F., Review via Gartner Capterra

Used the software for: 2+ years - 5/5 Overall
With an ever overloaded department, and with cybersecurity skills shortage getting worse securing the I.T infrastructure.

Offloading the task of e-mail filtering to Spambrella has dramatically helped in the department's performance. The only drawback in our case is that the service is hosted outside of our territory and thus out of the legal jurisdiction.

John P., Review via Gartner Capterra

It doesn't require an arcane knowledge to set the Spam filtering up, the guides are straight to the point and support staff are very helpful. Functionality wise, in short: we do not get spammed. Thanks to Spambrella.

Archiving wise, the new solution is easy to use, searches well and fast and is by far the cheapest we could find at the time. Ten year retention rocks!

Verified Reviewer, Review via Gartner Capterra

The service is great at filtering bad email as well as junk email out while allowing clean email though. I have used a few other options over the years and this is the best I have found. Clients sometimes have trouble configuring their settings to how they want it to be. Or tag emails as approved when they shouldn't and need IT interaction to resolve. Maybe just ease of use or having a more clear way for clients to resolve basics on their own.

Brian M., Review via Gartner Capterra

Easy to onboard my customers from another spam filtering system. Very fast and haven't had any downtime in the 9 months since I have moved to Spambrella. When I have had to use support, responses where quick. I had to move all my customers from another filtering system with little notice. After I moved my customers I realised how bad the old solution I used was. Contact with Sales and Support always been professional

Allen B., Review via Gartner Capterra

Robust, versatile, and reliable...
The reliability of the service and the level of protection that it provides. My spam levels immediately dropped to near zero.

There are almost no false positives. And I'm easily able to customize the level of protection with whitelists, blacklists, and sensitivity settings. I'm also a big fan of the antivirus and URL scanning features.

Verified Reviewer, Review via Gartner Capterra

Latest blog posts

  • On September 28, 2023
Email Should Be Your No. 1 Security Priority

Email Should Be Your No. 1 Security Priority In today’s digitally connected world, email has become an indispensable tool for communication, both in personal and…

Read more
  • On September 26, 2023
What are AI Phishing Attacks?

What are AI Phishing Attacks? A New Breed of Cyber Threats – Introduction: In an age where artificial intelligence (AI) has revolutionized various aspects of…

Read more
  • On September 26, 2023
Ethical Phishing: Testing Your Employees

The Art of Ethical Phishing Simulation: Testing Your Employees’ Cybersecurity Awareness In the ever-evolving landscape of cybersecurity threats, organizations must stay one step ahead to…

Read more
  • On September 18, 2023
Why is Security Awareness Training Needed?

In today’s digital landscape, our personnel remain key targets in contemporary cyber threats, whether it be due to insider risks, compromised accounts, targeted phishing endeavors,…

Read more