EmailLabs DOCS
API DOCSEmail API & Cloud SMTPPricingBlog
EN
EN
  • 👋Welcome to EmailLabs!
  • 🔐Security & Compliance
    • EmailLabs Safety Center
      • Scope and Purpose of Personal Data Processing
        • Cloudflare
      • ISO/IEC 27001, 27018 and 22301 Certifications
      • Security Testing
      • Security Measures
      • Document Templates
      • FAQ
  • 💡First Steps
    • Completing Company Data
    • Changing the Login Password
    • GDPR Agreement
    • Creating a Password for the SMTP Server
    • Sender Authorization
    • Whitelabel (Custom Link Tracking)
    • Domain Security - SPF Record
  • ☁️CLOUD-BASED SMTP
    • SMTP Integrations
      • Cloud SMTP for eFitness
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for SALESmanago
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for User.com
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for Baselinker
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for Shoper
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for RedCart
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for Joomla!
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for PrestaShop
        • Sing up to EmailLabs
        • Integration Steps
      • Cloud SMTP for WordPress
        • Sign up to EmailLabs
        • Easy WordPress SMTP Plug-in
        • WP Mail SMTP Plug-in
        • Without the Plug-in
      • Cloud SMTP for Mautic
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for Selly
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for SOTE
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for IdoSell
        • Sign up to EmailLabs
        • Integration Steps
      • Cloud SMTP for AtomStore
        • Sign up to EmailLabs
        • Integration Steps
      • SMTP Relay Configuration
      • Outlook
      • Thunderbird
  • ✨EmailLabs API
    • API Documentation
  • 📈Analytics Panel
    • Dashboard
      • Selecting an SMTP Subaccount
      • Elements on the Dashboard
      • View Detailed Statistics
    • Reports
      • E-mail
        • Panel Navigation and Access Path
        • "Search" Section
        • "List" Section
        • Detailed Message Logs
      • Blacklist
        • Panel Navigation and Access Path
        • "Search" Section
        • "Search" Section
        • Adding an Address to the Blacklist
        • Blocked Domains
        • Export & Import
        • Blacklist Settings
        • Whitelist
      • Activity Report
        • Detailed Message Logs
      • Comparing Tags
      • Status Per Tag
        • Panel Navigation and Access Path
        • "Search" Section
        • “Account Statistics” Section
      • Technology and Geolocation
      • Feedback Loop Report
        • Feedback Loop Yahoo
      • Event API Logs
      • Report Per Domain
    • Administrator
      • Sender Authorization
        • From Domain Authorization - Configurator
          • Authorizing the Domain Hosted by Cloudflare
          • Authorizing the Domain Hosted by GoDaddy
          • Authorizing the Domain Hosted by cyber_Folks
          • Authorizing the Domain Hosted by home.pl
          • Authorizing the Domain hosted by Nazwa.pl
          • Authorizing the Domain Hosted by OVHcloud
          • Authorizing the Domain Hosted by zenbox
      • Users
        • Panel Navigation and Access Path
        • „Search” Section
        • „List” Section
        • Editing the User’s Information
        • Managing The Roles
      • My Profile
        • Panel Navigation and Access Path
        • Changing the Administrator or Company Data
        • Changing the Account Password
      • Application Log
        • Panel Navigation and Access Path
        • “Search” Section
        • “List” Section
      • API
        • Panel Navigation and Access Path
        • Generating the Keys
        • API Integration
        • Event API Settings (Webhooks)
      • General Settings
        • Blacklist Settings
        • Validity of Entries on the Blacklist
        • Bounce Number Before Blocking
        • Access to the Panel for Specified IP
        • Access to API for Specified IP
        • Deliverability Alerts
      • Tags
      • Message Templates
        • Sending Messages With Templates
      • GDPR
    • SMTP Accounts
      • Active Accounts
        • Panel Navigation and Access Path
        • Change Password
        • Application Settings
    • Functionalities
      • IP Authorization
      • Block Temporary Inboxes
      • Deep Linking
        • Deep Linking Configuration for Android
        • Deep Linking Configuration for iOS
      • Footer
      • Headers
      • Open Tracking and Link Tracking
        • Open Tracking
        • Link Tracking
      • Tags
      • UTM
      • Unsubscribe
        • Unsubscribe Page Provided by EmailLabs
        • Redirect to Customer Website and Add Email Address to Blacklist
        • List-Unsubscribe
      • Whitelabel (Individual Link Tracking)
        • Step 1: Adding a Record to the DNS Panel
        • Step 2: Configuration in the EmailLabs Panel
    • Authentications
      • SPF
        • If You Don't Have an SPF Record Yet
        • If You Already Have Other Services Included in Your Domain's SPF Record
      • DKIM
        • Individual DKIM
          • Adding a DNS Record
          • Configuration in the EmailLabs Panel
        • Sender Authorization
      • DMARC
        • Neutral DMARC Policy
        • Restrictive DMARC Policy
          • Configuring Your Return Path
      • S/MIME
      • BIMI
    • Email Deliverability
      • Message Statutes
        • Injected
        • OK
        • Softbounce
        • Spambounce
        • Hardbounce
        • Dropped
        • Open
        • Track
        • Feedback
    • Billings
      • Plan Change
      • Plan Cancellation
      • Payment Methods
      • Invoices
  • FAQ
    • System
    • Account
    • Sending and Deliverability
    • Analytics
    • Sender Authorization
    • EmailLabs Safety Center
      • Data Protection Officer
      • Data Controller
      • Entrustment and Further Entrustment of Personal Data Processing
      • Implementation of Information Security Management System
      • Risk Assessment
      • Business Continuity
      • Security Incident Management and Personal Data Breach Handling
      • Information Classification
      • Employees
      • Access Control and Access Management
      • Remote Access
      • Portable and Mobile Devices
      • Document Destruction
      • Server Security
      • Network Security
      • Logs
      • Data Security at Rest and in Transit
      • Physical Security
      • Cloud Computing
      • Data Protection Measures
Powered by GitBook
On this page
  • Detailed List of Primary Data Processors
  • FAQ
  1. Security & Compliance
  2. EmailLabs Safety Center

Scope and Purpose of Personal Data Processing

PreviousEmailLabs Safety CenterNextCloudflare

Last updated 2 months ago

Subject, Nature, and Purpose

The processing is carried out for the purpose of providing the Service to the Customer based on the Main Agreement and to fulfill Vercom's obligations arising from this Data Processing Agreement, particularly concerning the security of data, including ensuring their integrity and availability.

Duration of Processing

The data processing period will be the same as the period of providing the Services under the Main Agreement, with the understanding that the data processing agreement is in effect until the data is deleted in accordance with its provisions.

Categories of Individuals

The processed personal data pertains to the following categories of individuals: End Users – individuals who are recipients of electronic communication sent by the Customer based on the Main Agreement.

Special Categories of Personal Data

Special categories of personal data processed include the following categories: Not Applicable.

Approved Subcontractors for Processing

To provide services, Vercom collaborates with domestic telecommunications operators (for domestic SMS delivery) and international SMS service providers (for sending SMS messages abroad).

Detailed List of Primary Data Processors

Entity
Scope of Entrustment
Area
Certifications
Description

Beyond.pl sp. z o.o.,

11 Adama Kręglewskiego Street, 61-248 Poznań

Data Centers and Server Rooms (Colocation, Backup.

EEA

ISO27001

PCIDSS

SOC2

ISO14001

ANSI TIA 942 Rated4

EN50600 class4

The sole data center in the EU with the highest level of security confirmed by two independent entities: ANSI/TIA-942 Rated 4 certification and EN 50600 Class 4 standard for all server chambers.

NTT Global Data Centers EMEA GmbH Voltastraße 15, 65795 Hattersheim

Data Centers and Server Rooms (Colocation, Backup.

EEA

ISO 9001

ISO 22301

ISO 50001

ISO 27001 IT-GS (BSI)

PCI DSS

The facility meets the requirements of the international Tier III standard. This ensures a minimum resource availability of 99.999% and redundancy of key elements.

Cyber Folks S.A.

22 Roosevelta Street, 60-829 Poznań

Hosting Services

EEA

A backup of Vercom's corporate email, as well as files and databases from the company's websites, is executed and maintained as part of the hosting service provided by Cyber_folks for Vercom.

Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy, LU-1855 Luxemburg, R.C.S., Luxemburg: B186284

Data Backup

EEA

Data processed as part of the Services is handled on servers owned by VERCOM. In the case of backups, the data is fully encrypted on our end and transferred to our backup servers in the CPD and/or on servers provided by third-party entities (such as Amazon) off-site in the cloud.

Cloudflare, Inc.,

USA 101 Townsend St, San Francisco, CA 94107, USA

Provider of solutions to enhance the security of services provided (WAF service).

EEA

The service provided by Cloudflare, Inc. to Vercom S.A. includes the Web Application Firewall (WAF). The incorporation of WAF into Vercom's services aims to enhance the security of services provided by Vercom to the company's clients.

Vercom has ensured appropriate provisions in the agreement, including, among others:

  • Inclusion of the Data Localization Suite (DLS) option for the WAF service – through DLS, information processed by Vercom as part of the services remains within the European Union;

  • Inclusion of the EU Customer Metadata Boundary option for the WAF service – ensuring that data processed by Vercom for Vercom's clients will not be transmitted outside the European Union.


FAQ

Does Emaillabs have a DPA for their client?

Yes, please find the agreement template .

Does Emailabs have cloud email services?

The SMTP server is provided to the Client by a virtual server separated from the physical server belonging to VERCOM, to which is assigned the IP address used for sending e-mail messages. The SMTP server can be shared or dedicated to the client. it is always a VPS (Virtual Private Server).

Diagram of the technical structure of the EmailLabs Service:

I. "Sending" part

The main functionality of the EmailLabs Service is the possibility of mass sending e-mail messages to the address database specified by the customer.

II. Database part

It includes the processing of data on a completed email sent. The data is logically separated.

Therefore, it should be stated that the data contained in e-mail messages sent using the EmailLabs Service are processed on servers belonging to VERCOM.

In the case of backups, the data is encrypted (and stored in this form on servers provided by third parties.

Do you process data outside European Union?

Vercom declares that the Processing of Personal Data shall be performed in the territory of the European Union or the European Economic Area, unless the obligation to transfer the Personal Data to the third country, in the meaning of the GPDR, derives from the Law

What the data processing process at EmailLabs looks like?

The processing of entrusted data (in the context of the GDPR) distinguishes:

  1. Data in transit: data is encrypted with SSL.

  1. Data at rest: we store only the e-mail addresses of e-mail recipients (e-mail logs in the panel). This data is not encrypted due to the computational overhead of processing such databases. However, in 2024 Quarter 1 there will be a functionality of data anonymization.

IS 2FA method available?

Yes, the panel has the ability to manage users and various access levels.

Does user panel has a managing access levels for different users?

Yes, the panel has the ability to manage users and various access levels.

Is there data anonymization available?

Yes, the injected status is processed in the database and a log is saved with the anonymous TO address.

When the final email status is processed (OK, hard bounce, dropped, etc.), the status is saved to the database and the server logs are also anonymized in a similar way to the logs in the database.

Anonymization could involve, for example, leaving the first character and domain, e.g. instead of "john.walk@abcabc.pl" it would be "j***********@abcabc.pl". On the customer’s side, the log of such an email would be precisely identifiable by the message_id.

What are system backups look like?

System backups (for the purpose of possible loss of operational data, and system recovery) are encrypted with a number of encryption (including AES256) and compression algorithms, entirely on our side and transferred to our backup servers in CPD. All our CPDs are located ONLY within the EEA.

If you do not want your data to be processed by Cloudflare, you can opt out of this option.

🔐
here
MORE >>