Security and Privacy at Salesmsg

At Salesmsg, protecting your data is our top priority. We’re committed to keeping your information secure, private, and always in your control - because earning your trust starts with safeguarding your data.

Governance

Our security and privacy practices are guided by industry standards and rooted in the following principles:

  • Access is restricted to only those with a legitimate business need, based on the principle of least privilege.
  • Security controls are layered using a defense-in-depth approach to protect data at every level.
  • Controls are consistent and enforced across the entire organization.
  • We continuously improve our policies and systems to increase effectiveness, reduce risk, and simplify compliance.

Security and Compliance

Salesmsg operates in compliance with major privacy regulations and telecommunications standards, including:

  • 10DLC and Toll-Free Messaging Compliance
  • CCPA (California Consumer Privacy Act)
  • GDPR (General Data Protection Regulation)

We follow security best practices inspired by SOC 2 and ISO 27001 frameworks, and are actively working toward SOC 2 compliance. And securely store all customer data in the United States (AWS Data Centers).

Data Protection

Data at Rest

All customer data is encrypted at rest using Amazon RDS with AWS KMS, and stored in U.S.-based AWS data centers. Sensitive contact information is further protected by internal policies and data ownership rights - you own your data, and we never sell it.

Data in Transit

Salesmsg uses TLS 1.2 or higher for all data transmitted over public networks, ensuring secure communication between your device and our servers.

Secret and Key Management

Encryption keys are managed using AWS Key Management Service (KMS), with all key material stored in Hardware Security Modules (HSMs). Application secrets are encrypted and securely stored in AWS Secrets Manager and Parameter Store.

Product Security

Secure Access Control

Access to customer data within Salesmsg is limited to authorized personnel and requires explicit permission. All internal systems are protected by multi-factor authentication and role-based access policies.

Penetration Testing & Vulnerability Scanning

Salesmsg regularly tests its systems for vulnerabilities and engages with security experts to perform audits. We use both static and dynamic analysis tools in our development lifecycle to identify and mitigate risks before they reach production.

Endpoint and Network Protection

Corporate devices are managed through MDM software and are protected with encryption, malware detection, and enforced security policies.

Enterprise Security

Remote Access

Access to internal resources is secured via VPN and DNS filtering to protect users and devices from malicious traffic.

Vendor Risk Management

Salesmsg evaluates all third-party vendors based on data access, system integration, and potential business impact. We only work with providers who meet our security and privacy expectations.

Employee Training

Every Salesmsg employee receives security and privacy training during onboarding and annually thereafter. Engineers also receive secure coding training to ensure protection is baked into our products from day one.

Identity & Access Management

Salesmsg uses centralized authentication systems and enforces strong, phishing-resistant authentication methods wherever possible. Access is granted based on roles and automatically revoked when employees leave the organization.

Data Privacy

Your Data, Your Control

Salesmsg does not sell or monetize your data. You retain ownership of all personal and contact data you store on our platform.

We never market to your personal contacts and never share your data except as required to provide our services or comply with legal obligations.

Data Deletion

You may request deletion of your personal information at any time. Data is removed via one-way obfuscation and deleted in accordance with our retention policy.

Retention & Storage

We retain personal information for as long as necessary to provide our services and meet our legal obligations. All data is stored in secure AWS facilities located in the U.S.

Compliance with Messaging Regulations

To enable compliant delivery of 10DLC and Toll-Free messages, Salesmsg collects and shares required business information with registered telecom providers. This ensures proper campaign registration, identity verification, and regulatory compliance.

Cookies and Tracking

Salesmsg uses cookies to improve your experience, monitor site usage, and support essential website functionality. You can manage cookie settings through your browser. For more information, see our Privacy Policy.

Contact Us

If you have any questions about security or privacy at Salesmsg, please contact us:
📧 support@salesmessage.com
📍 SalesMessage, Inc., 1045 E. Atlantic Ave #202, Delray Beach, FL 33483

Last Updated:

July 29, 2025

This policy describes our current practices. We may update it periodically as our security program evolves.

Product

Features
Integrations
Apps
Pricing
Request a demo

Company

About us
Careers
Contact us
Partners
Talk to sales
NEW Wall of love

Resources

API Documentation
API Guidelines
10DLC
Case studies
Texting Playbook
Videos
Product updates
Help center
Status Page
logo salesmsg
Google Play bangeApple Store bange

© 2025 SalesMessage, Inc. All rights reserved.

Terms & Conditions   /   Terms of Use   /   Privacy Policy   /   Billing Policy   /   Acceptable Use Policy  /  Security and Privacy

Watch Demo

Request a Demo
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.