EmailLabs' General Commitment to Security

At EmailLabs, a brand belonging to Vercom S.A., a company listed on the Warsaw Stock Exchange, we treat the security of your data and the stability and reliability of our services as an absolute priority and the foundation of our business. As a European technology company, we are fully aware of the responsibility associated with information protection and operate in strict compliance with the General Data Protection Regulation (GDPR) and other applicable regulations.

Our comprehensive approach to security is based on solid pillars that guarantee protection on multiple levels:

Infrastructure and Operational Security

• We use our own servers, collocated in certified data centers within the European Economic Area (EEA), primarily in Poland (including Beyond.pl Data Center). This ensures the highest standards of physical and operational security and compliance with European data protection requirements. Details in section Data Center Security

• We have implemented a Business Continuity Management System (BCMS) compliant with the ISO/IEC 22301 standard to ensure resilience and the ability to quickly restore services in the event of incidents. Details in section ISO Certifications

Data Protection and Privacy

• We apply rigorous Technical and Organizational Measures to protect data against unauthorized access, loss, or destruction. Details in section Technical and Organizational Measures Applied by EmailLabs

• Personal data processing is carried out transparently, in accordance with GDPR and the provisions of the Data Processing Agreement (DPA). Details in section Personal Data Protection and GDPR Compliance

• We use data encryption in transit (TLS/SSL) and encryption for data in backups.

Application and Service Security

• EmailLabs services are provided based on our own proprietary technological solutions and many years of experience, allowing us to continuously ensure the security of our code and system architecture.

• We use advanced solutions to protect our services, such as a Web Application Firewall (WAF) provided by Cloudflare, while ensuring data localization within the EU. Details in section Service Protection and Connection Security (Cloudflare WAF)

• We regularly conduct internal and external security tests and vulnerability assessments. Details in section Security and Penetration Tests

Organizational Standards and Compliance

• We have a certified Information Security Management System (ISMS) compliant with the ISO/IEC 27001 standard and an ISO/IEC 27018 certificate confirming the application of best practices for personal data protection in the cloud. Details in section ISO Certifications

• We emphasize compliance with the latest regulations, such as DORA and NIS2, by adapting our processes and services.

  Details in section Compliance with DORA & NIS2

• We conduct regular training for employees on information security and personal data protection. Details in section Security – Frequently Asked Questions (FAQ) and Technical and Organizational Measures Applied by EmailLabs

• As part of the public company Vercom S.A., we operate transparently.

We understand that by entrusting us with your communication and data, you place great confidence in us. Our goal is not only to meet but to exceed your security expectations, which we document in detail in the following sections of this Security Center.