Product Compliance

The Bronto platform complies with compulsory data retention and privacy regulations. Use the following information to learn more about how Bronto processes data and how you can manage data with Bronto securely.

Importing Data

Bronto lets you manually input, upload, or use the Bronto API to import data. Because all sessions are secure with Transport Layer Security, the data import process is automatically encrypted.

Note: You can also import data using Data Loader. For information on security protocols and requirements when using Data Loader, see the following section.

Data Loader

Data Loader is a paid Bronto application that lets you import data automatically on a daily or hourly basis. Data Loader requires that you first transfer your files to the FTP Server that Bronto configured for you. For security, Bronto uses non-standard ports for transferring your data and requires authentication for each transfer. Learn more about accessing your FTP credentials.

Storing Data

Bronto enforces a Data Retention Policy, in which some data expires based on your data retention period and some data is kept indefinitely. This policy includes regulation of storing cookies.

General Data Protection Regulation (GDPR)

To be compliant with GDPR, Bronto records any status change to active, onboarding, unsubscribed, unconfirmed, or deleted contacts.

To learn more about how Bronto is compliant with GDPR on securing personal information, see the following articles:

International Organization for Standardization (ISO)

Bronto consents to audits for ISO standard 27001, which includes multiple security controls. The Bronto ISO27001 certification can be provided upon request.

Third-Party Data Processors

Bronto has affiliates and subcontractors that might process personal data. Additional subprocessors than those listed might be used to deliver services on a project by project basis.