Security & Compliance

Your data are safe with us. GatewayAPI receives an ISAE 3000 auditor’s statement annually on GDPR compliance, and we constantly aim at improving our data protection efforts, both in regard to securing the data that are shared with us, as well as complying with the laws and regulations on data protection.

Find all the information you need in our Terms & Conditions, our Data Protection Policy as well as our Data Processor Agreement.

Leading security measures

Use our free add-ons to strengthen the security of your account

EU setup

Use our EU setup, where data is stored by a cloud provider, which both operates physically in the EU and is owned by a company within the EU. Furthermore, all connections are handled through telecommunications companies and A2P providers within the EU by default. This solution is particularly suitable for those organizations affected by the Schrems-II judgment.

Secret Class

Use Secret Class to ensure that your messages are not stored in the traffic log, which specifically means that message content, sender and recipient are not stored in our system. This ensures the confidentiality of the messages. Please note that if you activate Secret Class, the SMS price changes to Premium.

Country blocking

By using the geo permissions feature, you simply select which countries you wish to send SMS messages to and block all others, which is an effective tool to protect your account from misuse. It is also possible to just select specific countries that you wish to block.

IP whitelisting

IP whitelisting specifies which CIDRs or IP addresses can access your account via the API. This ensures that even if your API keys are compromised, other parties will not be able to use your account to send SMS messages.

URL whitelisting

URL whitelisting ensures that only approved URLs can be included in messages sent via GatewayAPI. It also means that even if your account was compromised, it would not be possible for scammers to send phishing messages with links from your account.

Download our policies and agreements

We've got you covered

Do you want information on how we handle your data? Where your data are stored? What security measures we have put in place? Or simply want to read our Terms & Conditions? 

You can find it all below.

 

Terms and Conditions
Personal Data Policy
DPA (.com setup)
DPA (.eu setup)
ISAE 3000
Find our Cookie Policy here

Consent of statistical data

If you give your consent to collect data via cookies, Google Analytics as well as the other mentioned services are used for data collection.

If you refuse consent, then Matomo is used to collect statistical data, all of which are completely non-personally identifiable. Therefore, we do not need consent to use Matomo. However, you have the right to be excluded from this collection even if you have not given consent. If you wish to be excluded from this collection of non-personally identifiable information, you can do so by clicking opt-out below.

NB: We use a cookie to remember that you have not given consent. If you delete your cookies in the browser, you will thus automatically have to make a decision on consent again.

REMEMBER: If you choose to to be excluded from Matomo’s collection of non-personally identifiable data by opting out, then deleting cookies in your browser will mean that you are included in Matomo’s collection again.

If you have any questions, feel free to write to gdpr@gatewayapi.com

Contact support

Didn’t find what you were looking for?

Contact our specialists