System

Check service availability and performance

LEARN MORE

Security

See how Maropost safeguards your data

LEARN MORE

Compliance

View our technical certifications landscape

LEARN MORE

API

View our API Documentation

LEARN MORE

Compliancy

Maropost’s customer information is managed by a 3rd-party cloud hosting services provider.  The data is stored in state of the art data centers with co-locations through out the United States, Asia, and Europe.  We awarded the contract for providing cloud hosting services to this provider after an extensive review process from among several providers offering similar services.  We ultimately chose our provider based on a number of key factors including its industry reputation for high security, high availability, and high performance.

Confidence

Maropost customer data is hosted in state of the art data centers that are certified to leading industry standards.

ISAE 3402

Maropost’s infrastructure has completed an examination in conformity with the International Standard for Assurance Engagements (ISAE) No 3402 Type II Service Organization Control (SOC1, SOC2, and SOC3). The annual examination ensures on-going compliance. Conformity to the requisite standards satisfies both the ISAE 3402 and the Statement on Standards for Attestation Engagements (SSAE) 16.

LEARN MORE

PCI-DSS

Maropost’s data center maintains compliance according to the Payment Card Industry (PCI) Data Security Standard (DSS) as a Level 1 service provider and continues to be audited on an annual basis to continuously ensure compliance. Its assessment includes, but is not limited to, hardware, network infrastructure, data center physical locations, and security. In addition, Maropost’s own internal policies and procedures comply with the PCI-DSS standards.

Learn More

ISO 27001

Maropost’s data centers are certified to comply with the international standard for Information Security Management defined by the International Organization for Standardization (ISO) 27001. It is subject to on-going external assessment with a full re-assessment every three years.

LEARN MORE

ISO 9001

Maropost’s data centers are certified to comply with the international standard for Quality Control Management defined by the International Organization for Standardization (ISO) 9001.

LEARN MORE

HITRUST CSF

Maropost’s infrastructure is certified to the Health Information Trust Alliance® (HITRUST) Common Security Framework (CSF) to help address the data and privacy requirements of the healthcare industry. It meets the highest security standards helping to comply with ISO, COBIT®, HIPAA,HITECH, NIST, SOX, and FISMA guidelines.

LEARN MORE

GDPR – May 2018

General Data Protection Regulation (GDPR) requires compliance by the May 2018 deadline to which Maropost is actively pursuing and guarantees successful compliance at that time. Maropost is Privacy Shield certified and is therefore already in compliance with many aspects of GDPR.

Key provisions not covered under existing regulations that are introduced by GDPR include additional requirements for

  • Data breach notifications
  • Extraterritorial data transfers
  • Individual’s access to their own private data
  • Privacy Impact audits

In support of our clients doing business in the European Union, Maropost is fully committed to achieving compliance well before the deadline date.

LEARN MORE

PRIVACY SHIELD

Maropost is responsible for the processing of personal data it receives under the Privacy Shield Frameworks. Maropost complies with the Privacy Shield Principles’ liability provisions for all onward transfers of personal data from the EU and Switzerland to third parties acting as agents on its behalf.

With respect to personal data received or transferred pursuant to the Privacy Shield, Maropost is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

Purpose of Data Collection
Maropost is a Software-as-a-Service provider for permission-based marketing automation. The platform collects customer information under the direction of our Clients for the purposes of digital messaging and has no direct relationship with the individuals whose personal data it processes. Such information may include the following types of personally identifiable attributes such as email address, Internet Protocol (IP) address, and customer profile information (first name, last name, postal address, phone number, etc.). We may transfer personally identifiable information to our Clients and to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.

LEARN MORE