Keeping Your Email Data Protected: Folderly Security Compliance

Dariia Leshchenko
Feb 13, 2024


  1. ISO and SOC Certifications
  2. Folderly GDPR, CCPA, and CASL Compliance 
  3. CAN-SPAM Act Compliance Policy
  4. Secure Use of Client Emails
  5. Receiving Emails from Folderly
  6. Login Details Safety: Folderly & Google OAuth
  7. Your Rights as a Folderly Customer
  8. Folderly Team Education
  9. Conclusion: Security Is Embedded in Folderly Culture
  10. Frequently Asked Questions

If you're questioning Folderly's safety, it's wise to do so, especially in light of email server vulnerabilities. According to a report by Mimecast, 97% of companies are targeted by email-based phishing attacks.

Keeping users’ data safe and staying up-to-date with the latest security standards is always top of mind at Folderly. But, for sure, words are cheap without support to back them up. 

So, here's a detailed review of what makes Folderly the safest email outreach platform, with answers to the most common security questions you might have.

FYI: Feel free to contact our support team with any concerns.

ISO and SOC Certifications

At the beginning of 2024, Folderly was approved for not one but two prestigious security certifications: SOC 2 and ISO 27001, as proof of our product’s commitment to data security. Independent organizations audited Folderly and affirmed that our information security policies and practices meet industry security standards.

SOC 2 (Type 2) certification: This globally recognized standard validates our security, confidentiality, availability, processing integrity, and privacy controls. Type 2 requires an independent audit to assess the actual operation of controls over a period of time, offering stronger assurance than a Type 1 report.

ISO 27001 certification: This international standard confirms our adherence to best practices for information security management. It defines a framework for creating, implementing, and maintaining an information security management system (ISMS) tailored to an organization's specific needs and risks.

What Do These Certifications Mean for Folderly Users?

Long story short, they mean that choosing Folderly assures you of trust, transparency, and adherence to the highest security standards.

❗️ Unlike popular email warmup tools banned by Google, we NEVER use your data to send emails between clients. Our approach, which goes beyond warmup, meets Google’s requirements and shows our commitment to ethical and responsible data handling.

By earning these certifications, Folderly assures you that:

  • We handle your data securely and responsibly. We follow strict industry-standard policies and procedures to safeguard your information from unauthorized access, misuse, or loss.

  • We are transparent and accountable. Independent auditors have examined our practices, ensuring we meet the highest security expectations.

  • We have all the appropriate documentation that proves our high security standards. 

  • We ensure a systematic approach to identifying, assessing, and mitigating security risks.

Folderly GDPR, CCPA, and CASL Compliance 

As a user of Folderly, you can rest assured that your personal data is safe and secure. Folderly takes GDPR, CCPA, and CASL compliance very seriously and has implemented strict measures to ensure that its users' data is protected.

What is GDPR? GDPR (General Data Protection Regulation) is an essential component of EU privacy law and human rights law. When it comes to GDPR in email marketing, you are not allowed to send promotional emails to individuals without explicit consent.

The main purpose: provide EU citizens (and people outside Europe who are residents of the EU) with 100% control over their personal data.

What is CCPA? CCPA (California Consumer Privacy Act) is an essential privacy law that regulates how businesses collect and use the personal data of California residents. It applies not only to all companies doing business in California but also to those that handle the personal information of California citizens.

The main purpose: give California residents 100% control over their personal data.

What is CASL? CASL (Canada's Anti-Spam Legislation) is an essential law that regulates how businesses send commercial electronic messages (CEMs) and requires obtaining explicit consent from recipients. It applies to all businesses in Canada, including small companies.

The main purpose: protect Canadian citizens from all electronic threats, such as phishing, spyware, malware, and others.

To respect the rights of Folderly users under these regulations, we do the following:

  1. Provide an easy-to-use option to opt out of or unsubscribe from any promotional emails you receive.
  2. Securely store your data on servers protected by firewalls and encryption technology.
  3. Always disclose how we use and share the data and never use personal data without explicit consent.
  4. Adhere to the principle of data minimization, which means that we only collect and store the data needed to provide services to you.
  5. Delete your data when it’s no longer needed.
  6. Never sell your personal data to any third party.
  7. Ensure that our users have control over their data at all times (make it easy for you to request access to your personal data, rectify any inaccuracies, or have your data deleted altogether).

You can be confident that your personal data is in safe hands and that we are always working to respect your rights under GDPR, CCPA, and CASL regulations.

CAN-SPAM Act Compliance Policy

The Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM Act) is a law that regulates emails sent for commercial purposes. 

At Folderly, we always comply with the CAN-SPAM Act. We do not allow sending emails to addresses obtained illegally or unethically, including but not limited to data theft, deception, hacking, spoofing, phishing, etc.

The rules we follow according to the CAN-SPAM Act Policy:

  1. Don’t use any false or misleading information in the subject line of your email as well as the ‘From,’ ‘To,’ and ‘Reply To’ fields. Do not hide original domain names and email addresses.
  2. Never use deceptive subject lines; only the ones that accurately reflect the content of your email.
  3. Clearly state or otherwise identify that the email is an ad.
  4. Provide full and accurate contact information and the location of our business, including physical postal address or post office box.
  5. Provide active links to unsubscribe from the mailing list or provide clear and full information on how to opt out of receiving emails from us.
  6. Monitor our compliance regularly.
  7. Obtain explicit permission from the recipient before sending any commercial emails.
  8. Honor opt-out requests promptly and remove the recipient's email address from the mailing list within ten business days.
  9. Train all Folderly employees who send commercial emails to comply with the CAN-SPAM Act Policy.

Secure Use of Client Emails

The most common concern people interested in Folderly have is “Do you receive access to our emails?” Here’s a chill pill before we explain in detail — No, we DON’T!

We don’t access and never read your personal emails. Folderly doesn’t use clients’ mailboxes for email interactions with real people. All the emails we send from your domain to fix email deliverability, if requested, are sent to the infrastructure of email addresses hand-picked by the Folderly team to ensure a 100% open rate.

Any emails we send to the carefully selected system of email addresses are automatically archived after being opened, thus preventing any disruption to your inbox.

The Folderly team never shares your personal data/personally identifiable information with third parties for promotional or any other purposes. We also don’t sell or rent your Personal Data.

Receiving Emails from Folderly

We may send you service, technical, and other administrative emails, messages, and other types of communications, always in compliance with GDPR, CCPA, and CASL laws. The types of emails you may receive as a Folderly user:

➡️ Important product-related notices. We may send you notices about changes in our product and tools, as well as security and fraud notices. These emails are part of Folderly products. This group also includes emails asking for feedback aimed at improving our user experience.

➡️ New products and features updates. We sometimes send emails about new product features, solutions, promotional communications, or other news about Folderly. 

➡️ Billing, account management, and other administrative matters. The Folderly team may need to contact you for new invoices, account management, and similar reasons related to billing and payments.

All these emails are critical to ensuring that you have a seamless and uninterrupted experience with our product.

Marketing information and regular newsletters will only be sent to you with your explicit consent. Besides, as required by all the laws discussed, we always offer an easy way to unsubscribe.

You can trust us to keep you informed in a professional and respectful manner.

Login Details Safety: Folderly & Google OAuth

Most email marketing solutions have access to clients’ mailboxes to send email interactions. This isn’t secure, because users hand over their login information when they sign up. We’re proud to say that Folderly uses the industry-standard protocol for authorization.

Folderly doesn’t use clients’ mailboxes for email interactions and doesn’t have access to login data. From now on, Folderly’s users can officially use Google OAuth to grant access to their information without giving passwords. Connecting Gmail mailboxes to Folderly is now 100% safe (and hassle-free). What does it mean for Folderly users?

➡️ Streamlined authorization process. From now on, the authorization process will take 20 seconds. Once users sign in with a Google account, there’s no need to enter the app password again to access the Folderly account. With Google OAuth, it is possible in a matter of seconds. 

➡️ An extra layer of security. Now, Folderly users can share specific data with the tool while keeping their sign-in information, such as usernames and passwords, private. In simple words, connecting Gmail mailboxes to Folderly is now 100% safe.

We do our best to process as little personal information as possible.

Your Rights as a Folderly Customer

At Folderly, we understand the importance of data protection and respect our customers' rights to control their personal data. As a Folderly customer, you have the following rights:

➡️ Have your personal data adjusted or deleted. You have the right to have your personal data adjusted or deleted. If you believe that any of the personal data we hold about you is inaccurate, incomplete, or outdated, you may contact our support team at to request a correction or deletion of your personal data.

➡️ Ask the Folderly team to stop using any of your Personal Data. You have the right to ask the Folderly team to stop using any of your Personal Data. You can request us to stop using your data for any purpose, including marketing, by emailing us at the above-mentioned email address.

➡️ Unsubscribe from marketing emails. You have the right to unsubscribe from marketing emails. We respect your privacy and understand that you may not wish to receive marketing communications from us. Therefore, we provide an easy unsubscribe option in all marketing emails we send. However, please note that if you unsubscribe from marketing emails, you will continue to receive transactional messages related to Folderly products.

➡️ Complain to a regulator. If you feel your personal data security has been violated in any way, you have the right to lodge a complaint with your local regulatory authority.

Folderly Team Education

100% security is possible only with a comprehensive approach. That’s why we continuously train our team on best security practices. This ensures that our team is fully aware of our privacy policies and possesses the necessary skills to collect, process, store, and delete your data safely.

Also, all Folderly employees sign a Privacy Safeguard Agreement outlining their responsibility in protecting user data.

The Folderly team never shares the personal data of users with third parties for commercial purposes. We also never sell or rent your personal data.

Conclusion: Security Is Embedded in Folderly Culture

Users’ security stays our priority. We continue working on security enhancements, so organizations of different sizes can enjoy an email performance platform that delivers more comprehensive protection. We are committed to ensuring the 100% security of our services and customer information.

Please note that to stay up-to-date with laws, we may need to update Folderly Privacy Policies. We will, however, always maintain our commitment to respect users’ privacy and will notify every user of any changes that may impact one’s rights.

You may contact us with questions about Folderly security policies by emailing:

Frequently Asked Questions 

Do you have access to my CRM system data?

No, Folderly has no access to any insights, data, or management of CRM systems you use for email marketing. 

What do you do if data breaches take place? 

Data breaches must be reported to the appropriate supervisory authority within 72 hours unless the data was anonymized or encrypted. We will also notify you by email and provide information on protective steps, if available.

Is my data encrypted when using Folderly?

Yes, all data transferred between your email service provider and our platform is encrypted using the latest security protocols.

How does Folderly protect my login credentials?

We use advanced encryption algorithms to store your login credentials securely. We also offer two-factor authentication as an additional layer of security.

Does Folderly store any sensitive user data?

No, we do not store any sensitive user data, such as credit card information or social security numbers. We only collect the data necessary to provide our services.

What measures does Folderly take to prevent unauthorized access to my account?

We use industry-standard security protocols to prevent unauthorized access to your account, including firewalls, intrusion detection, and access control policies. We also monitor our systems 24/7 for suspicious activity.

How does Folderly ensure the privacy of my email communications?

We use end-to-end encryption to ensure that your email communications are private and secure. This means that only you and your intended recipient can read the contents of your emails.

Dariia Leshchenko
Head of Customer Success
Dariia is the Head of Customer Success at Folderly, bringing 3+ years of successful client management. Her dedicated approach to every customer proves that no issue is impossible to fix. Dariia advocates for the synergy of new-level email analysis technology and a human approach to improving email performance.
