Security & Compliance

How we protect your data and maintain security best practices.

Our Security Commitment

Security and privacy are fundamental to Email Pen Test, an email security testing tool. We implement industry-standard security measures, follow security best practices, and are transparent about how we handle your data. This page details our security practices, data protection measures, and compliance approach.

Data Encryption

  • Secure transport: Data is protected in transit between your browser and our service
  • Access controls: Data access is restricted to authorized systems and administrators
  • Protected storage: Data is stored in secured cloud infrastructure

Access Controls

  • No Account Access: We never request access to your email account or inbox
  • Rate Limiting: Implemented to prevent abuse and ensure service availability
  • Bot Protection: Advanced bot detection and prevention systems prevent automated abuse

Data Minimization

  • Minimal Collection: We only collect data necessary for this email security testing tool
  • No Email Content: We never store email bodies, attachments, or inbox contents
  • Limited identifiers: We store only the contact info needed to run the test

Infrastructure Security

Infrastructure Security

  • Serverless Infrastructure: Modern serverless architecture with built-in DDoS protection
  • Regular Updates: Infrastructure and dependencies kept up to date
  • Monitoring: Continuous monitoring for security incidents

How We Protect Your Data

1. Email Address Protection

We store the email address you provide to deliver test emails and show your results. Access is restricted and we do not access your inbox.

2. No Inbox Access

We never request access to your email account or inbox. We send test emails to you, and you manually confirm where each email landed. We have no ability to read your emails, access your inbox, or view any email content.

3. Minimal Data Storage

We only store: contact info needed for the test, test results (where emails landed), timestamps, and optional anonymous benchmark data. We never store email content, attachments, or inbox contents.

4. Secure Transmission

All data is transmitted over HTTPS using modern TLS encryption. This helps protect data against interception or modification during transmission between your browser and our servers.

Compliance & Best Practices

We're committed to following security and privacy best practices:

Privacy by Design

Privacy considerations built into every aspect of this email security testing tool

Data Minimization

We only collect and store what's necessary for this email security testing tool

Transparency

Clear documentation of our practices and policies

Security Best Practices

Following industry-standard security practices and controls

Security Questions?

Have questions about our security practices or want to report a security concern? We're here to help.

Contact Us