Skip to main content

Data Protection

This page is the canonical target for legacy data protection policy content unless legal chooses to merge it into Personal Data Protection.

Implementation teams should protect:

  • API keys.
  • Webhook signing secrets.
  • Recipient data.
  • Suppression lists.
  • Export files.
  • Message metadata that may contain customer identifiers.

Confirm final policy wording before publish.