Mailjet Becomes the First ISO 27001 Certified and GDPR-Compliant Email Service Provider

PARIS – Nov 28, 2017: Today Mailjet announces that it offers the highest level of data privacy and security available in the email industry. Having successfully attained the ISO 27001 certification and implemented GDPR’s rigid requirements, Mailjet clients (including Microsoft, AVIS, TAGHeuer) now benefit from unparalleled security and protection over their email data.

ISO 27001 for a Globally Recognized Achievement in Email Data Security

Mailjet is the only pure player email service provider to have obtained the ISO 27001 certification, the international standard for best practices of information security processes.

“Organizations collect, process and hold ever-increasing volumes of personal data to enable relevant and timely email communication with their customers. Data security continues to be a huge responsibility and challenge, and they need assurance that their email service provider can deliver this.” says Pierre Puchois, CTO Mailjet.

Undergoing ISO 27001 certification requires companies to not only implement company-wide processes pertaining to security policies, data handling and access, but also infrastructure changes.

Pierre Puchois continues, “we chose the ISO 27001 certification by BSI as it’s the international standard. Some of our competitors have opted to implement privacy standards that are known in their countries locally, but with 100K+ clients around the globe, we wanted Mailjet’s security stamp of approval to be one that is sought after in the USA, Europe and abroad.”

GDPR-compliancy allows Mailjet clients full protection of their personal data.

GDPR (the General Data Protection Regulation) which affects all enterprises (EU based or not) processing personal data of any EU citizen, will apply from May 25, 2018. At this time, those in non-compliance may be subject to fines up to €20 million or 4% of annual global turnover. Under the new regulation, both the enterprise collecting personal data as well as the third-party providers treating this same data (example: CRM systems, email providers, cloud hosting solutions) must respect the GDPR requirements.

“Third-party providers are often the weakest link in a company’s ability to be GDPR-compliant” comments Darine Fayed, Head of Legal and Data Protection Officer for Mailjet. “Email service providers pose an especially high risk as they regularly process and store a large scale of personal data (example: first name, email address, IP addresses) on behalf of enterprises. That is why compliance from the entire processing chain is so important today.”

Mailjet has now successfully put in place all obligations required to be GDPR-compliant, including the implementation of privacy frameworks, data protection by design, and the ability for individuals to easily have more control over their personal data.

“Mailjet was already the only EU-based email service provider available on Microsoft Azure, Google App Engine and Google Compute Engine, and now we’ve become the only email service provider to be both ISO 27001 certified and GDPR-compliant. These accomplishments in data privacy and security propel Mailjet to another level of service excellence in the competitive email industry. We’re proud of these achievements and what it means not just for our clients, but for the individuals whose data we protect on behalf of our clients.” – Alexis Renard, CEO Mailjet

About Mailjet

Mailjet is an all-in-one solution to send, track and deliver both marketing and transactional emails. Its cloud-based infrastructure is unique and highly scalable with a proprietary technology that optimizes email deliverability. Mailjet can be accessed either via an easy-to-use online drag-and-drop interface or via APIs that allow developers to integrate its features within their online app or service, or its sophisticated SMTP relay. Mailjet has offices worldwide (including Paris, London, Berlin, Toronto and New York) and 100k clients and partners across 150 countries.