Trust Center

How senderZ stays trustworthy

Messaging platforms have to earn their keep on trust first and features second. These pages document how senderZ handles the parts that matter most to enterprise and technical buyers.

Posture: SOC 2 Type II Planned — Q2 2027 · GDPR DPA Available on request · Pentest Planned — Q3 2026 · HIPAA BAA Not applicable

Security

API key hashing, AES-256-GCM encryption, tenant isolation, and our vulnerability disclosure process.

Compliance

TCPA and CTIA obligations, STOP keyword handling, quiet hours, and consent logging.

Privacy

Data categories, sub-processors, retention, and how we handle GDPR and CCPA requests.

Architecture

System topology, queue semantics, tenant isolation enforcement, and recovery time objectives.

Limits

Per-plan caps, per-phone throughput, warming behavior, and the ceiling-increase process.

Need something formal?

We share our DPA, SOC 2 status, security questionnaire responses, and other formal materials under NDA. Email us or request access below.

Request DPA Request SOC 2 status Request security questionnaire Request pentest report