Sign InGet Started
SECURITY

Security & Trust Center

Your security is our priority. We implement industry-standard security practices to protect your data and ensure reliable, compliant political messaging.

SOC 2 Type II Audit In Progress

We are currently preparing for our SOC 2 Type II audit to demonstrate our commitment to the highest standards of security, availability, and confidentiality. This independent third-party assessment will validate our security controls and data protection practices.

SOC 2 is a rigorous auditing procedure that ensures service providers securely manage data to protect the interests and privacy of their clients.

Data Encryption

Enterprise-grade encryption to protect your data at rest and in transit.

  • AES-256 encryption for data at rest
  • TLS 1.3 for all data in transit
  • Encrypted database connections
  • Secure credential storage with industry-standard hashing

Infrastructure Security

Built on Amazon Web Services (AWS) with enterprise security controls.

  • AWS infrastructure with 99.9% uptime SLA
  • Multi-region redundancy for disaster recovery
  • Regular automated backups with point-in-time recovery
  • Network isolation and VPC security
  • DDoS protection and traffic filtering

Compliance & Regulations

Full compliance with telecommunications and political messaging regulations.

  • TCPA (Telephone Consumer Protection Act) compliant
  • 10DLC registration and carrier compliance
  • FCC regulations adherence for political messaging
  • Carrier-approved messaging practices
  • GDPR and CCPA data privacy readiness
  • Regular compliance audits and updates

Access Controls

Strict access controls and authentication to protect your account.

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA) support
  • Session management and automatic timeouts
  • Audit logging of all system access
  • Principle of least privilege for internal access

Security Monitoring

Continuous monitoring and threat detection to keep your data safe.

  • Real-time security monitoring and alerting
  • Automated vulnerability scanning
  • Intrusion detection systems
  • Regular security log review
  • Proactive threat intelligence

Incident Response

Prepared response procedures to address security incidents quickly.

  • Documented incident response plan
  • Dedicated security team
  • 24/7 security monitoring
  • Rapid incident notification procedures
  • Post-incident analysis and remediation

Data Privacy & Protection

Our Privacy Policy governs how we collect, use, and share information across the platform. The summary below reflects that policy.

  • Information We Collect: We collect personal information you provide, along with usage details, IP addresses, device information, and data gathered through cookies, web beacons, and similar technologies.
  • How We Use Information: We use information to operate and improve the Software, deliver our services to clients, and support the performance of our platform and partners.
  • Data Sharing: We may share certain information, including phone numbers, messaging activity, and engagement metrics, with trusted partners, data providers, and service providers for purposes such as data validation, enrichment, analytics, and audience insights. Partners are contractually obligated to handle this information in accordance with applicable privacy laws.
  • Accessing Your Information: You can review and update your personal information through your account, or contact us to request access, correction, or deletion. Some data may be retained as required by law or remain in cached or archived form.
  • Your Rights: California residents and users in other applicable jurisdictions may have additional rights regarding their personal information. See our Privacy Policy for the full terms.

Business Continuity & Disaster Recovery

We maintain robust business continuity and disaster recovery procedures to ensure service availability:

  • Automated Backups: Daily automated backups with point-in-time recovery capabilities.
  • Geographic Redundancy: Data replicated across multiple AWS regions for disaster recovery.
  • High Availability: Infrastructure designed for 99.9% uptime with automatic failover.
  • Tested Recovery Plans: Regular testing of disaster recovery procedures to ensure rapid restoration.

Security Questions or Concerns?

We take security seriously. If you have questions about our security practices or need to report a security concern, please contact our security team.

General Security Inquiries:

security@politicalcomms.com

Report a Security Vulnerability:

security@politicalcomms.com

We aim to respond to all security inquiries within 24 hours.

Related Resources

Privacy Policy →Terms of Use →Cookie Policy →