Security
SSL Secured
Contactually can only be accessed using 256-bit SSL 3.0 / TLS 1.0, provided by COMODO.
Secure API
Our API can only be access using secure user credentials or a user-revokable token.
Realtime Backups
All data is backed up in realtime, minimizing data loss.
Latest and Greatest
Contactually’s core system is regularly updated with the latest security fixes, and using the best practices.
Encrypted Credentials
External usernames and passwords are hashed or encrypted using 256 bit AES ciphers.
No Message Bodies/Attachments
Contactually does not store the content or attachments of messages. On request, we grab directly from the server.
Operating System Access
Operating system access is limited to hosting staff and requires username and key authentication.
Server Upgrades
Our managed servers are kept current with all vulnerabilities and hosting configurations.
Permanent Deletion
If you delete your Contactually account, all data is permanently removed from our servers.
Who can see my data?
For all users:
Your information is yours. Your contacts are never shared with anyone.
Details you provide for contacts are not shared with others who may have the same contact.
All information can be exported via CSV, secure API, and integration partners.
Contactually support staff may only access information for support reasons, with permission.
For teams:
Individual team members decide which contacts get shared with the team.
Team members can opt-in/out of sharing messages with their team.
Administrators are able to set default permissions for sharing.
Administrators cannot forcibly share or see sensitive messages.
Securely hosted by Amazon
Securely hosted by Amazon:
All user data is stored in Amazon Web Services’ data centers.
ISO 27001 certified.
Validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS).
Annual SOC 1 audits
24/7/365 monitoring, strict access controls, and on-site security.
