Help Center

HOME Submit a ticket My Tickets
Welcome
Login  Sign up
  1. Solution home
  2. The Email Signature Management Platform
  3. Goodies for Xink administrators

Xink Security Overview and Data Protection Practices

Modified on 2026-04-12 10:07:08 +0200 by Michael Kashirin.

Summary:
This article outlines how Xink protects your data, including infrastructure, encryption, access control, and compliance with industry security standards.

As a Software-as-a-Service (SaaS) platform, protecting your data is a top priority. Xink is designed with a privacy-by-design approach, ensuring that security and data protection are embedded throughout the platform.

Xink is a centralized platform for managing company email signatures. With Xink, your company can:

Enforce and maintain brand consistency across all email signatures.
Extend marketing campaigns into everyday email communication.

Your data remains your property. Xink does not share your data with third parties.

We follow recognized security frameworks such as ISO, NIST, and OWASP, and all employees are trained to comply with internal security policies.

Infrastructure

Xink is hosted on Microsoft Azure, which meets global security and compliance standards:

  • ISO 27001, 27017, 27018
  • SOC 1 and SOC 2

Azure provides high availability (99.5%–99.99% SLA), backup, and recovery capabilities.

Xink follows the principle of least privilege, granting access only when necessary for specific roles.

Web servers

Access to the Xink portal is secured via HTTPS with TLS 1.2 or higher, ensuring encrypted communication.

Databases

Data is stored in Azure SQL Database across multiple regions:

  • USA
  • Canada
  • United Kingdom
  • European Union
  • Australia

Data security

Encryption at rest
Data is encrypted using 256-bit AES (TDE) and complies with FIPS 140-2 standards.

Encryption in transit
All services enforce TLS 1.2+ encryption.

Backups
Daily database backups are securely stored and protected.

Deployment methods

Xink supports multiple deployment options:

  1. Outlook add-in – Supports Outlook across desktop, web, and mobile.
  2. Server-side signatures – Emails are routed through Azure for signature insertion.
  3. Azure AD (Entra ID) integration (optional)
Application security

Xink is built using a security-by-design approach and follows OWASP best practices.

Integrations

  • Xink API
  • Salesforce
  • Zendesk

Login security

Supports password policies, forced resets, and optional Multi-Factor Authentication (MFA).

User provisioning

Role-Based Access Control (RBAC) ensures consistent and secure permission management.

Data control

Clients can request data deletion at any time. Inactive data is automatically deleted after 90 days.

Operational security

Monitoring

Continuous monitoring and a formal Information Security Management Program are in place.

Data handling

PII data is encrypted and controlled by the client.

Physical security

Handled by Microsoft Azure, including 24/7 monitoring and strict access controls.

Network security

Traffic is restricted and secured using Azure networking and encryption.

Risk and vulnerability management

Penetration testing

Internal testing is conducted monthly. Third-party testing is allowed under disclosure agreements.

Incident response

Incidents are handled according to a defined response plan. GDPR breaches are reported within 72 hours.

Disaster recovery

Data can be restored up to two hours prior to an incident.

Privacy, certifications and compliance

Privacy Policy

View Privacy Policy

Certifications

  • ISO 27001, 27017, 27018
  • SOC 1 and SOC 2

GDPR & DPA

Xink supports GDPR compliance and provides Data Processing Agreements (DPA) to customers.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.
Quick 1-on-1 Demo | Ⓒ 2026 Xink