How does MailUp infrastructure guarantee compliance with the GDPR?

Information security and adequate management policies for data are our priorities and the reason we make continuous investments in technology.

For many sectors, the GDPR [General Data Protection Regulation] represents an important social innovation. In fact, it clarifies and allows individuals to manage their own privacy. MailUp has considerable experience in threat protection, in privacy protection, and in an array of compliance regulations.

We maintain a policy of transparency and aim to provide you with the information you need to feel secure when you use the platform.

Every day we renew our commitment to our principles in terms of trust in the cloud, data protection, and data security.

As required by regulations, our infrastructure and security policies have been subjected to an assessment for gauging adequacy and preliminary impact on data protection. These assessments will continue to be conducted regularly to keep to the highest standards of data protection compliance.

Data Center Located in Europe

To safeguard the confidentiality, integrity, and availability of data, the MailUp platform relies on a physical data center located in Italy. It is accessible by our staff both physically (via biometric access control) and through a virtual private network.

Data Loss Prevention (DLP)

MailUp believes that data loss prevention features are of critical importance as they prevent sensitive information from being shared without permission.

An organization’s data is fundamental to its success. Data must be immediately available to enable decision making, but at the same time it must be protected to prevent it from being shared with those who are not authorized to access it.

For this reason we have implemented a series of organizational and technical measures that allow us to guarantee our customers not only the prevention of unauthorized access, but also adequate security – in relation to the classification of the treated data — for all authorized accesses.

Mitigation Techniques

The infrastructure is designed to be resilient to DDoS (Distributed Denial of Service) attacks through DDoS mitigation systems that can automatically detect and filter excess traffic by including scalability to handle unexpected traffic volumes using dedicated load balancers.


Threat Protection

Multi-Factor Authentication and Firewalls

Monitoring and Access Control

Vulnerability Assessment

Incident Management

Physical Security of Data Centers

Availability and Integrity of Personal Data

To ensure data availability, in the event of hardware malfunctions, backup copies are scheduled at least once per day for the most critical servers. This data is saved on systems installed in a dedicated backup site, which is also located within the European Union.

MailUp maintains a backup copy of the databases loaded by customers for the time necessary that is specified in the data retention policy and then they are automatically deleted.

These backups are checked periodically, are organized in such a way as to ensure the separation of data for each customer and are securely encrypted to ensure maximum confidentiality of the data.

Tracking and Disposal of Hardware


Where provided, we use service/partner providers only after verifying that they can provide an adequate level of security, privacy, and specific guarantees on the possibility of managing data processing entirely in Europe.
Our Partners: