Security & Trust Center
Your security is our priority. We implement industry-standard security practices to protect your data and ensure reliable, compliant political messaging.
SOC 2 Type II Audit In Progress
We are currently preparing for our SOC 2 Type II audit to demonstrate our commitment to the highest standards of security, availability, and confidentiality. This independent third-party assessment will validate our security controls and data protection practices.
SOC 2 is a rigorous auditing procedure that ensures service providers securely manage data to protect the interests and privacy of their clients.
Data Encryption
Enterprise-grade encryption to protect your data at rest and in transit.
- AES-256 encryption for data at rest
- TLS 1.3 for all data in transit
- Encrypted database connections
- Secure credential storage with industry-standard hashing
Infrastructure Security
Built on Amazon Web Services (AWS) with enterprise security controls.
- AWS infrastructure with 99.9% uptime SLA
- Multi-region redundancy for disaster recovery
- Regular automated backups with point-in-time recovery
- Network isolation and VPC security
- DDoS protection and traffic filtering
Compliance & Regulations
Full compliance with telecommunications and political messaging regulations.
- TCPA (Telephone Consumer Protection Act) compliant
- 10DLC registration and carrier compliance
- FCC regulations adherence for political messaging
- Carrier-approved messaging practices
- GDPR and CCPA data privacy readiness
- Regular compliance audits and updates
Access Controls
Strict access controls and authentication to protect your account.
- Role-based access control (RBAC)
- Multi-factor authentication (MFA) support
- Session management and automatic timeouts
- Audit logging of all system access
- Principle of least privilege for internal access
Security Monitoring
Continuous monitoring and threat detection to keep your data safe.
- Real-time security monitoring and alerting
- Automated vulnerability scanning
- Intrusion detection systems
- Regular security log review
- Proactive threat intelligence
Incident Response
Prepared response procedures to address security incidents quickly.
- Documented incident response plan
- Dedicated security team
- 24/7 security monitoring
- Rapid incident notification procedures
- Post-incident analysis and remediation
Data Privacy & Protection
We are committed to protecting your privacy and the privacy of your contacts. Our platform is designed with privacy-first principles:
- Data Minimization: We only collect and retain data necessary for providing our services.
- User Control: You maintain full control over your data with the ability to export or delete at any time.
- No Third-Party Sharing: We do not sell, rent, or share your data with third parties for marketing purposes.
- Transparent Practices: Our Privacy Policy clearly outlines how we collect, use, and protect your data.
Business Continuity & Disaster Recovery
We maintain robust business continuity and disaster recovery procedures to ensure service availability:
- Automated Backups: Daily automated backups with point-in-time recovery capabilities.
- Geographic Redundancy: Data replicated across multiple AWS regions for disaster recovery.
- High Availability: Infrastructure designed for 99.9% uptime with automatic failover.
- Tested Recovery Plans: Regular testing of disaster recovery procedures to ensure rapid restoration.
Security Questions or Concerns?
We take security seriously. If you have questions about our security practices or need to report a security concern, please contact our security team.
General Security Inquiries:
security@politicalcomms.comReport a Security Vulnerability:
security@politicalcomms.comWe aim to respond to all security inquiries within 24 hours.