It is always a priority to preserve the confidentiality, integrity, and availability of our customer’s data. Businesses like Cisco, Fivetran, and Seismic trust Postal to safeguard their data and processes.

Data Encryption

We protect the confidentiality of all our data, backups, and tokens via AES 256-bit encryption.

Data Retention

Postal’s application offers flexible data retention policies designed to fit your requirements.

24/7 Monitoring

Both internal and external resources monitor the Postal environment to ensure that malicious actors are unsuccessful in gaining unauthorized access to our platform.

Password Protection

Passwords are hashed and salted to shield them from password cracking methods, such as rainbow-table attacks.

Network Security

All communications between your browser and Postal’s website are encrypted via HTTPS/TLS v1.3 minimum.


Distributed Denial of Service (DDoS) protection is deployed as a default control for all customers to maintain the uptime of our service against volumetric attacks.

Multi-Factor Authentication

Add an additional layer of security to protect fraudulent access to your account.’s application supports several identity providers (IDP).

Threat Prevention

To detect and prevent unusual or suspicious activity on our platform; utilizes industry-leading cybersecurity technology to build intelligent models of normal/expected behavior.

security certifications


Postal strives to gain and maintain the trust of our customers. A comprehensive compliance program built around continuous testing and accreditation is critical to this mission.

SOC 2 Type 2

Postal is SOC 2 Type 2 certified, which means the design and operating effectiveness of our security controls are continuously audited.

Postal engages in annual SOC 2 audits that are conducted by an independent; third-party firm. Contact us to request the latest copy of our SOC 2 audit report.

GDPR Compliant

Postal is compliant with the General Data Protection Regulation (GDPR), which went into effect May 25, 2018, and applies to citizens of the European Union.

Please contact us to have an in-depth conversation about Postal’s approach to GDPR and to receive our Data Processing Addendum (DPA).

PCI Compliant

Postal is compliant with the Payment Card Industry Data Security Standard (PCI DSS) as a “Level 4” merchant.

Level 4 applies to merchants that process fewer than 20,000 Visa or Mastercard e-commerce transactions per year or up to 1 million total Visa or Mastercard credit card transactions and that have not suffered a data breach or attack that compromised card or cardholder data.

CCPA Compliant

Postal is compliant with California Consumer Privacy Act (CCPA) regulations, which went into effect January 1st, 2020.

CCPA applies to California residents and is enforceable for any company with revenues larger than $25 million and has more than 50,000 people or devices in its database. Please contact us to have an in-depth conversation about Postal’s approach to CCPA.

Penetration Testing

The Postal application, network, and assets undergo regular penetration testing by independent third parties to ensure that our enterprise is secure and your data is protected.

Data Backups

The Postal Platform has encrypted automatic backups utilizing Write Once Read Many (WORM) storage which renders the backups tamperproof.

Privacy Policy
Click here to read the Postal Privacy Policy.