Legal Center

Terms of Service

Terms and conditions between Ambassify and Customer for the use of the Software Service on a subscription-based model (SaaS)

Data Processing Agreement

Data processing agreement outlining terms and conditions for processing personal data. Protects privacy and ensures compliance.

Service Level Agreement

Our SLA specifies the expected availability, performance, and support of the service, as well as any guarantees or warranties offered.

Procurement

At the Ambassify, we strive to foster supplier relations that are fair, balanced and in line with our company values.

• Terms of Service
• Company Values
• Corporate Social Responsibility (CSR)
• Sustainable Procurement

Compliance and Corporate Responsibility

Company Details

As Data Processor

All documents related to Ambassify handling your data as a customer, platform admin or platform user.

• Privacy Policy
• Cookie Policy
• Service Level Agreement
• Sub-processors and TIAs
• Data Processing Agreement (GDPR) DOCX

As Data Controller

All documents related to Ambassify handling our data of you as a website visitor, subscriber, prospect, customer or supplier.

• Privacy Policy
• Cookie Policy

Privacy by Design

We apply Privacy by Design in our product development. Below are some of the Privacy features we have in place.

• Consent management
• Privacy Mode
• Pseudonimization or anonymization of data
• Download PII Data Flow Diagram
• Subject Rights

Technical measures

We have TOMs in place which will help us to prevent data breaches and ensures compliance with the principle of data protection by design.

• Appropriate data disposal
• Data Protection
• Encryption in transit and at rest
• Logging and monitoring
• Password management and MFA
• Physical access security
• Pseudonimization or anonymization of data
• Secured Backups
• Up-to-date virus scan, firewalls and IDSs
• Logical access control

Organisational measures

We have TOMs in place which will help us to prevent data breaches and ensures compliance with the principle of data protection by design.

• Acceptable Use
• Awareness & Training
• Breach notification policy
• Change Management
• Clean desk policy
• Due diligence checks on processors
• Data Retention
• Disaster Recovery
• Incident Response
• Information Classification
• Information policy for staff
• NDA with all employees and contractors
• No customer data outside production environment
• Offboarding process
• Record retention and destruction
• Risk Management System
• System Access
• Well defined roles and responsibilities
• Yearly external security audit

Security by Design

We apply Security by Design in our product development. Below are some of the Security features we have in place.

• Enterprise SSO (SAML/Federation)
• Dedicated outgoing mail server IP
• Email address restriction for login
• Whitelabel domains
• Roles and permission system
• Browsers supported

ISO 27001:2022

Ambassify is ISO 27001:2022 certified, ensuring top-tier information security management, reducing risks, and building trust with customers.

Self Assessment CAIQ

To answer all your Vendor Risk Management process questions we've created a pre-completed Cloud Security Alliance (CSA) Consensus Assessment Initiative Questionnaire.

External Yearly Audit

Our Ambassify platform is auditted on a yearly basis for security vurnabilities by an external party. Below you can download the version of the last audit.

SSL Labs

A+

We apply security by design and encryption is an essential part of that. SSL Labs gives our current SSL configuration for encryption in transit a A+ grade.

System Status

Operational

For all information about the status of our platform and maintenance windows you can take a look at our status page.

Product Changelog

We constantly improve our platform by rolling out new features and improvements on a continuous basis.