Strict user authentication protocols are in place, ensuring that only authorized personnel can access sensitive documents and information.

We conduct regular audits to rigorously assess and enhance our security measures, maintaining the highest standards of data protection.

Every piece of data, especially sensitive and private information, is encrypted in transit and at rest, ensuring maximum security against unauthorized access.

A comprehensive incident response plan is established to quickly and effectively address any security breaches or threats.

Our security practices are aligned with global privacy standards, ensuring compliance with regulations like GDPR and SOC2.

Transparent reporting mechanisms are in place, providing clear visibility into our security operations and compliance status.

All datastores are encrypted at rest. Sensitive collections and tables also use row-level encryption.

Resend uses TLS 1.3 or higher everywhere data is transmitted over potentially insecure networks.

Resend backs-up all production data using a point-in-time approach. Backups are persisted for 30 days, and are globally replicated for resiliency against regional disasters.

All company devices are equipped with anti-malware protection. Endpoint security alerts are monitored with 24/7/365 coverage. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.

Onedoc provides comprehensive security training to all employees upon onboarding and annually. Onedoc conducts threat briefings with employees to inform them of important security and safety-related updates that require special attention or action.

Onedoc employees are granted access to applications based on their role, and automatically deprovisioned upon termination of their employment. Further access must be approved according to the policies set for each application. Multi-factor authentication is required for all employees to access company applications.