Technical and Security Measures
Version dated: 31 July, 2025
Flodesk, Inc. (“Flodesk”) is a U.S. company that provides email marketing services. Flodesk believes that security is central to maintaining customer trust and delivering our services.
Flodesk takes a number of steps to protect customer data.
Data Protection
Data at Rest: Data stored in databases and storage systems is encrypted using AES-256 encryption.
Data in Transit: We enforce TLS for all data transfers to ensure secure communication.
Data Backup: Regular encrypted backups are maintained and tested for restoration to protect against data loss.
Application Security
Vulnerability Scanning: Continuous automated scans are performed to detect known vulnerabilities in dependencies and application code.
Enterprise Security
Workforce Identity Access Management: We enforce strict identity and access controls through Single Sign-On (SSO), Multi-Factor Authentication (MFA), and role-based access to ensure only authorized personnel can access internal systems.
Endpoint Protection: All employee devices are monitored and protected with up-to-date endpoint security tools.
Security Training: Our team completes ongoing security awareness training to stay informed on best practices and evolving threats.