<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=286388291727847&amp;ev=PageView&amp;noscript=1">

Security & Privacy

Enterprise-grade security and privacy controls have always been at the heart of Nylas. Here are some of the ways we protect and secure data in our infrastructure.

Request the Nylas Security Architecture White Paper
Level 1

Transparency and Compliance

Nylas is Safe Harbor Compliant for both US-EU and US-Swiss standards, and is PCI and HIPAA ready. Our products regularly undergo rigorous 3rd-party audits and penetration tests.

Level 2

Encryption and Access Control

Data for each account is isolated with multi-level permission checks at both the application and service layers. All Nylas API calls require proprietary OAuth2 authentication tokens only granted by Nylas. User data is encrypted at rest using military-grade standards.

Level 3

Network Transport and Storage

Nylas systems enforce TLS for public and private networks, and only support certificates signed by well-known CAs. Persistence and storage layers are encrypted and secured behind VPN & VPC firewalls.

Level 4

Infrastructure and Physical Security

Nylas products run on Amazon Web Services in a secure facility with active monitoring, total system logging, and security including AICPA SysTrust, ISO 27001, and other leading physical security measures.

For bug disclosure and other inquries:

Contact our Security Team

Join our newsletter