Security & Privacy at Ambassify
Your data. Our priority. At Ambassify, we are deeply committed to protecting your data and safeguarding the privacy of your users. Through state-of-the-art security measures, regulatory compliance, and robust platform features, we empower your business with confidence and peace of mind.
Security Features
Everything you need to secure your brand and your users.
- Static Mail Server IPs
All customer data is securely hosted within the European Union, in full alignment with EU data sovereignty laws.
- Single Sign On
Allow your users to authenticate with their existing (company) account, centralizing management of access to Ambassify.
- SCIM Provisioning
Easily sync with your identity provider for automatic user management — no manual updates needed.
- E-Mail Security
Ambassify employs both SPF and DKIM in the fight against spam, improving deliverability in the process.
- Custom Branding
Customize your account’s appearance, making your community, landing pages and e-mails feel familiar to your audience, ensuring their trust.
Legal & Compliance
A secure employee advocacy platform starts with clear, compliant foundations. Ambassify equips you with everything needed to stay aligned with privacy laws and internal policies.
1. Legal Center
At Ambassify we believe in transparency, which is why our extensive policies, security and privacy documentation is publicly available in our legal center.
2. DPA
Signed with every customer for transparency and GDPR compliance. Support for custom Data Processing Agreement available in Enterprise.
3. Privacy Mode
Privacy Mode hides member data like names and profiles. It's ideal for respecting privacy and addressing works council concerns about visibility or tracking.
4. GDPR Compliance
All of Ambassify is GDPR‑compliant: we protect personal data, respect user rights, and operate with transparency and accountability.
5. Consent Management
Manage and review user consent: users can give or revoke consent for the Terms of Use and Privacy Policy and track their status.
6. ISO 27001 Certified
Our full organisation is ISO 27001 certified. This includes people, processes, systems, and services to keep your data protected from end to end.
Our Security Partners
We work with industry leaders in the identity provider space to help you streamline user provisioning and access management through Single Sign On and open standards such as SCIM.
EU-Based Hosting & Certifications
We’ve built a security-first hosting environment that meets stringent global standards and ensures your data stays protected within legal jurisdictions.
- EU-Based Hosting
All customer data is securely hosted within the European Union, in full alignment with EU data sovereignty laws.
- ISO 27001:2022 Certification
We follow internationally recognized standards to ensure Information Security Management is thorough and auditable.
- Technical & Organizational Measures
From encryption to access control, our multi-layered safeguards protect your data’s confidentiality, integrity, and availability.
Sub-processors
To deliver our services, Ambassify engages a limited set of carefully vetted subprocessors. Each has signed a Data Processing Agreement (DPA) with us to ensure full GDPR compliance. We only share the minimum relevant data required for their function, and each subprocessor implements strong security controls like encryption, access control, and impact assessments.
Responsible use of AI
- Transparent Design
We publish clear explanations of how our AI works so you always know what’s going on.
- Human‑Centred Control
You stay in charge of data, decisions and outputs; our AI supports you, not the other way round.
- Ethical & Compliant
Our full organisation is aligned with the EU AI Act and built to meet GDPR, fairness and data‑sovereignty standards.
Access Management and Privacy Controls
- Email Address Restriction
Limit access to your community based on specific email domains to ensure only authorized users can join.
- Managing Member Permissions
Define and manage user roles with clear permission settings across the platform.
- Audit Logs
Manager activity is logged, so you can always identify why sensitive actions (deletions, publishes, …) were taken.
Enterprise grade Service Level Agreement (SLA)
- Reliable Uptime
You get a 99.9% monthly uptime commitment, so your people can count on us to be there when it matters most.
- Timely Support
When something’s urgent, we’re on it. You’ll always have a direct line to real people, ready to help.
- Clear Recovery Goals (RTO & RPO)
In case of a major incident, we restore service in degraded mode within 3 business days. Daily backups ensure that data loss is minimized.
In our Legal Center, you’ll find a full overview of every technical and organizational measure we take to protect your data and ensure platform integrity. From encryption and access controls to incident response protocols and employee awareness training, everything is laid out clearly.