Security at Mailly

Security at Mailly

Mailly.io is operated by UnderBoss Media LLC, Casper, Wyoming, United States.
Last Updated: 28.01

Our Commitment

Security is fundamental to how Mailly is built and operated. We implement technical and organizational safeguards designed to protect customer data, maintain platform integrity, and reduce operational risk.

Infrastructure & Hosting

  • Cloud infrastructure hosted on secure enterprise-grade providers.
  • Network segmentation and firewall protection.
  • Infrastructure-level monitoring and threat detection.
  • Geographically distributed systems where applicable.

Data Protection

  • Encryption in transit (TLS).
  • Encryption at rest where applicable.
  • Role-based access controls (least privilege principle).
  • Access restricted to authorized personnel only.

Authentication & Access

  • Secure authentication mechanisms.
  • Session management and access logging.
  • Monitoring for abnormal login patterns.
  • Immediate revocation of access upon role termination.

Monitoring & Incident Response

  • Logging of critical system events.
  • Security monitoring for suspicious behavior.
  • Incident response procedures for potential security events.
  • Prompt notification to affected customers where legally required.

Application Security

  • Code review and secure development practices.
  • Dependency management and patching.
  • Vulnerability monitoring.
  • Protection against common web vulnerabilities (e.g., injection, XSS).

Data Segregation

Customer environments are logically segregated. Customers can only access their own workspace and data.

Backups & Business Continuity

  • Operational backup procedures.
  • Disaster recovery processes.
  • Platform redundancy where feasible.

Subprocessors

Mailly uses trusted third-party providers for hosting, analytics, and payments. Each subprocessor is subject to contractual data protection obligations. A current list of subprocessors is available upon request.

Customer Responsibilities

Customers are responsible for:

  • Securing their credentials and devices.
  • Using strong passwords and access controls.
  • Ensuring lawful processing of uploaded data.

Vulnerability Reporting

If you discover a security vulnerability, please report it to:
security@mailly.io

Disclaimer

No system is completely secure. While we implement safeguards designed to reduce risk, Mailly does not guarantee absolute security against all possible threats.