Download Trengo’s vision on security
As an inbox for all your communication, Trengo has a big responsibility.
We are very serious about the security of your data and will take our responsibility in protecting it.
Data protection and third parties
First of all, we don’t save anything that we don’t need. We only save data that we need to make the product work and some data to analyze how we can improve our product.
We will never sell your data. The only data that is shared with third parties is necessary for making our product work.
We never store payment information or credit card numbers. All payments go through Mollie, a service that is fully PCI-DSS compliant.
Physical security
Our application is hosted on Amazon Web Services (AWS). Amazon is the industry leader in this field. Their data centers have military grade physical security in place at all of their data centers. They have a lot of experience maintaining the best security and privacy.
The servers are maintained by our certified partner. They make sure our servers are always up to date with the latest security patches.
Encryption
All of our backups are fully encrypted. In the highly unlikely case that they would be compromised, the data would be unreadable and useless to the attackers.
All communication with our application happens via modern TLS, meaning nobody could see the data that is being sent while in-transit.
We only allow modern encryption standards in our TLS configuration, that’s why it gets an A+ in Qualys’ SSL Labs test. With our HTTP Strict Transport Security (HSTS) policy we make sure the connection will always happen via the secure TLS connection.
Responsible disclosure
Did you find a bug? Please inform us at security@trengo.com.
