Legal Center

SaaS Agreement

Our SaaS (Software as a Service) agreement is a legally binding contract between Ambassify as the software provider and you as the Customer that outlines the terms and conditions for the use of the software. The agreement typically includes provisions related to the scope of services provided, the payment terms, the duration of the contract, and the rights and responsibilities of both parties. It also includes provisions related to the maintenance and support of the software, the protection of intellectual property, and the handling of data and personal information.

Terms of Service

Terms and conditions between Ambassify and Customer for the use of the Software Service on a subscription-based model (SaaS)

View Terms of Service

Data Processing Agreement

Data processing agreement outlining terms and conditions for processing personal data. Protects privacy and ensures compliance.

View Data Processing Agreement

Service Level Agreement

Our SLA specifies the expected availability, performance, and support of the service, as well as any guarantees or warranties offered.

View Service Level Agreement

Procurement

At Ambassify, we strive to foster supplier relations that are fair, balanced and in line with our company values.

Company Details

Ambassify NV
VAT Number: BE.0830.870.128
Company Registration: 0830870128
RSZ Number: 1874058-42
D-U-N-S: 400750905
Peppol ID: 9925:be0830870128
LEI-code: 894500IIURI9TNOAD237
Brand Protection: Ambassify
Court of Registration: Hasselt, BE
Phone: +32 (0) 460 20 12 03
Email: info@ambassify.com
CEO: Koen Stevens
DPO: Jorgen Evens
CISO: Wim Mostmans
Bank (ING)
IBAN: BE64 3630 6398 2452
BIC: BBRUBEBB
(Certificate of Bank Account)

Address
Everselstraat 133
3580 Beringen
Belgium
(Certificate of Residence)

Data Privacy At Ambassify
Data Protection Officer: Jorgen Evens
Questions about privacy? Contact our DPO.

As Data Processor

All documents related to Ambassify handling your data as a customer, platform admin or platform user.

As Data Controller

All documents related to Ambassify handling data about you as a website visitor, subscriber, prospect, customer or supplier.

Privacy by Design

We apply Privacy by Design in our product development. Below are some of the Privacy features we have in place.
Security At Ambassify
Chief Information Security Officer: Wim Mostmans
Questions about security? Contact our CISO.

Security & Compliance

Our security practices are aligned with ISO 27001:2022 and built on a formal Information Security Management System (ISMS).

Resilience & Response

We maintain robust processes for incident handling, business continuity, and risk management.

ISO 27001:2022 Certified

Ambassify is ISO 27001:2022 certified, ensuring top-tier information security management, reducing risks, and building trust with customers.

Download Certificate

External Yearly Audit

Our Ambassify platform is audited on a yearly basis for security vulnerabilities by an external party. Below you can download an overview of the most recent audit.

Download Audit Overview

SSL Labs
A+

We apply security by design, and encryption is an essential part of that. SSL Labs gives our current SSL configuration for encryption in transit an A+ grade.

View Report

System Status

For all information about the status of our platform and maintenance windows you can take a look at our status page.

View Platform Status

Product Changelog

We constantly improve our platform by rolling out new features and improvements on a continuous basis.

View Changelog

Frequently Asked Questions

Is Ambassify ISO 27001 certified?

Yes. Ambassify is ISO 27001:2022 certified. Our Information Security Management System (ISMS) is audited annually by an independent European security firm. The certification covers the entire Ambassify platform, including our infrastructure, development processes, and organizational controls.

We maintain our ISMS through Vanta, which provides automated evidence collection and continuous control monitoring. Our security posture is reviewed through semi-annual risk assessment sessions, and all ISMS policies undergo an annual review cycle.

Our ISO 27001:2022 certificate is publicly available for download. We also hold cybersecurity insurance from Allianz.

Is Ambassify GDPR compliant and where is data hosted?

Yes. Ambassify is fully GDPR compliant. All customer data is hosted on AWS infrastructure within the European Union (Dublin and Frankfurt regions). Our AWS data centers hold industry-leading certifications including SOC 2 Type II and ISO 27001.

Our GDPR compliance programme includes:

  • A dedicated Data Processing Agreement (DPA) signed with every customer
  • Standard Contractual Clauses (SCCs) in place with all sub-processors
  • Data subject rights support (access, rectification, erasure, portability)
  • A formal data breach notification policy
  • Annual data retention reviews
  • A publicly documented privacy policy

Ambassify NV is a Belgian company (registered in Hasselt, Belgium), and all data processing activities are subject to Belgian and EU law.

Full GDPR documentation is available on our data protection page. Our DPA is available on the Data Processing Agreement page.

Who are your sub-processors, and do you notify customers when adding new ones?

We maintain a publicly available list of all sub-processors. Sub-processors are categorized into three groups — support, infrastructure, and functionality — so customers can clearly understand the role of each provider.

We provide a minimum of 30 days' advance notice before activating any new infrastructure or functionality sub-processor. This notice period allows customers to review the change and raise objections. Our AI integration runs on OpenAI instances hosted on our own AWS infrastructure within the EU — customer data never leaves our controlled environment.

We actively work to minimise the number of sub-processors in our stack. For example, we migrated from GitHub to GitLab specifically to reduce our sub-processor footprint.

Do you encrypt data at rest and in transit? What standards do you use?

Yes. All customer data is encrypted both at rest and in transit.

Our encryption standards, governed by our ISMS Cryptography Policy:

  • Data at rest: AES-256 bit encryption on all AWS storage, including backups
  • Data in transit: TLS 1.2 or higher; our web endpoints maintain a Grade A or better on the Qualys SSL Labs rating
  • Certificates: RSA (2048-bit or greater) or ECC (256-bit or greater) with SHA-2+ signatures
  • Password storage: Bcrypt/PBKDF2/scrypt/Argon2 with unique cryptographic salt and pepper
  • Key management: AWS KMS with automatic key rotation; maximum certificate key expiration of 1 year

Encryption controls are covered under our ISO 27001:2022 certification. Technical and Organizational Measures (TOMs) are documented on our TOMs page.

Do you support SSO, MFA, and role-based access control?

Yes. Ambassify supports Enterprise SSO with multiple authentication protocols, including SAML 2.0, WS-Federation, OAuth 2.0, and OpenID Connect (OIDC). This allows organisations to connect their existing identity providers (such as Azure Active Directory / Entra ID) and let employees log in with their corporate credentials.

Role-based access control is built into the platform, allowing administrators to assign granular permissions. Multi-factor authentication (MFA) is enforced for privileged accounts and administrative access to our internal systems.

Enterprise SSO is included in all licence tiers. Feature details are available in our product documentation.

What is your incident response and disaster recovery plan?

Ambassify maintains a formal Incident Response Plan and Business Continuity/Disaster Recovery Plan, both tested at least annually.

Incident response:

  • Incidents are classified into four severity levels (S1-Critical through S4-Low)
  • S1 (Critical) incidents trigger immediate CISO notification and a dedicated response team
  • Root cause analysis is mandatory for all verified S1 incidents
  • Post-mortem reviews are conducted at the CISO's discretion
  • Annual tabletop exercises test our response readiness

Disaster recovery:

  • AWS Datacenters: RTO 3 days / RPO 1 day (restore in alternate AWS region)
  • Our stateless infrastructure design enables rapid recovery
  • Daily encrypted backups stored in a separate location from production
  • Backup restore procedures tested at least annually

More details on our business continuity and incident response pages. Platform uptime is monitored at status.ambassify.com.

How do you handle data retention and deletion after contract termination?

Customer data is retained for up to 30 days after contract termination, after which it is permanently deleted. This grace period allows for orderly data export if needed.

Our data retention framework:

  • Customer platform data: Deleted within 30 days of contract end
  • Customer support tickets: Retained for 5 years (legal obligation)
  • Temporary/debug data: Automatically purged within 24 hours
  • Personal identifiable information: Deleted as soon as it is no longer needed for its stated business purpose

Data retention periods are reviewed annually as part of our ISMS policy cycle. Customers may request a certificate of data destruction upon completion of the deletion process.

Do you provide a Data Processing Agreement (DPA)?

Yes. Ambassify signs a Data Processing Agreement with every customer. The DPA is included as standard in all licence agreements and is available for review before contract signing.

Our DPA covers:

  • Scope and purpose of data processing
  • Categories of personal data processed
  • Data subject rights and support obligations
  • Sub-processor management and notification procedures
  • Standard Contractual Clauses (SCCs) for any non-EU data transfers
  • Breach notification procedures
  • Data deletion obligations upon contract termination
  • Audit rights

The DPA is structured to comply with GDPR Articles 28 and 46, and is regularly reviewed by legal counsel to reflect regulatory updates. It is available on the Data Processing Agreement page.

What is your vulnerability management and patching process?

Ambassify conducts quarterly vulnerability scans on all public-facing systems and annual penetration tests performed by an independent third party.

Our patch management SLAs:

  • Critical vulnerabilities: Remediated within 15 days
  • High: Within 30 days
  • Medium: Within 60 days
  • Low: Within 90 days

Additional security measures include automated TLS uptime monitoring and vulnerability detection. Penetration test scope covers the complete product: API endpoints, databases, mobile app, end-user and admin interfaces.

Annual penetration test reports are available upon request under NDA. Vulnerability management is covered under our ISO 27001:2022 certification.

Can we use Ambassify without AI features, and how is our data used by AI providers?

Yes. AI features are entirely optional and require explicit activation. No customer data is sent to any AI provider unless the customer has actively enabled AI functionality.

Our approach to responsible AI:

  • AI features are powered by OpenAI (ChatGPT) running on our own AWS infrastructure within the EU — customer data never leaves our controlled environment and is not sent to OpenAI's public API
  • No customer data is used to train AI models
  • AI features can be disabled at any time without affecting other platform functionality
  • We chose explicit opt-in over silent rollout specifically to maintain GDPR compliance and customer trust

More details on our Responsible AI policy.

What are your platform availability and uptime guarantees?

Ambassify guarantees a minimum average uptime of 99.99%, calculated on a monthly basis. If we fall short, customers receive service credits as defined in our SLA.

Key availability details:

  • Maintenance window: Sunday 20:00h to Monday 02:00h CET. Major changes are communicated at least 7 days in advance.
  • Maximum scheduled downtime: 6 hours per week for maintenance
  • Daily backups: Performed automatically with no downtime
  • Disaster recovery: RTO of 3 days / RPO of 1 day with restore in an alternate AWS region

Real-time platform status is available at status.ambassify.com. Full SLA details on our Service Level Agreement page.

Are development, testing, and production environments separated?

Yes. Production, staging, and development environments are fully separated from one another.

  • Production data is never used in non-production environments
  • Only anonymized or synthetic data is used for development and testing purposes
  • All production changes go through a formal change management process
  • Changes are tested and approved in a non-production environment before release

More details on our operations security and application security pages.

What network security and firewall protections are in place?

Ambassify employs multiple layers of network security to protect our infrastructure and customer data.

  • Web Application Firewall (WAF): All public-facing traffic is filtered through a WAF to block common web exploits and attacks
  • DDoS protection: Automatic mitigation of volumetric and application-layer DDoS attacks
  • Network segmentation: Systems are segmented with access controls to limit lateral movement
  • Firewall reviews: Firewall rules are reviewed regularly to ensure they remain appropriate
  • Anti-spoofing: Anti-spoofing measures are enabled to prevent forged network traffic
  • Intrusion detection: Up-to-date virus scanning, firewalls, and intrusion detection systems are in place

More details on our operations security page.

What support does Ambassify offer?

Ambassify provides multi-channel support during business hours (Monday to Friday, 09:00h–18:00h CET), with extended hours available depending on the support plan.

Support is available in English, Dutch, and French. Channels include an in-app support ticket system, dedicated email, and phone support. Incidents are classified into four levels based on severity, from critical (complete service unavailability) to low (limited impact with accepted workaround), each with defined target and guaranteed response times.

Full support terms, response times, and escalation procedures are detailed in our Service Level Agreement.

Is the platform available for integration with other tools?

Yes. Ambassify integrates with a wide range of tools to fit into your existing workflows.

  • Microsoft Teams: Embed the Ambassify community directly within the Teams desktop, mobile, and web applications
  • Zapier: Connect Ambassify with 6,000+ apps to automate workflows
  • Salesforce: Sync advocacy data with your CRM
  • Webhooks: Build custom integrations with real-time event notifications
  • Strava: Integrate fitness challenges into your employee engagement campaigns

For a full overview, visit our integrations page.