+1 (877) 634-6847
Customer Support
PhishingBox Logo
Request Demo Sign Up 14-Day Free TrialNo Credit Card Required.
Security and privacy resources

Trust Center

Review the policies, controls, and supporting materials we maintain to help with vendor due diligence and security reviews.

Request a Demo View Pricing
Trust Center illustration

We know trust has to be earned.

We understand that placing trust in a vendor requires evidence, transparency, and accessible documentation. At PhishingBox, security is foundational to how we build, host, and support our platform.

Our information security program is continuously maintained, regularly reviewed, and supported by independent validation where appropriate. If you need additional information beyond the materials below, contact us directly and we can help with your review process.

Security

Security is our business.

As a trusted vendor, we understand the need to maintain a secure environment. Our information security program is an ongoing effort supported by defined controls and regular audit or testing activity.

Our Security Summary
SOC audit

SOC Audit

As U.S. President Ronald Reagan said, "Trust, but verify." An independent third-party audit firm performs our SOC audit to provide detailed assurance around controls relevant to security, availability, processing integrity, confidentiality, and privacy.

GDPR

GDPR

Many of our clients must comply with the General Data Protection Regulation (GDPR). Our GDPR work includes internal process reviews, updated documentation, and ongoing implementation of data protection policies, procedures, controls, and security measures.

Our GDPR Compliance
European Union hosting

European Union Instance

PhishingBox maintains processing and hosting facilities within the European Union. Customers can choose this instance when they do not want their data processed within the United States, while maintaining the same control structure.

EU Instance Details
CSA STAR Program

CSA STAR Program

The Cloud Security Alliance (CSA) publishes best practices for secure cloud computing. Its standardized questionnaires help streamline vendor due diligence for software-as-a-service vendors, and PhishingBox uses these frameworks to support common review requests.

The CSA STAR Program
Privacy

Privacy Policy

Privacy is a concern for every organization. PhishingBox does not sell or share your information with unrelated third parties. Our privacy policy explains how we handle information related to website visitors, clients, and contacts within client accounts. For privacy-related questions, contact privacy@phishingbox.com.

Our Privacy Policy
Cookies

Cookie Policy

Cookies are small pieces of text stored by your web browser when you visit a website. We use them to help deliver the best possible experience for visitors and customers.

Cookie Policy
System status

System Status

We understand how important uptime is. Our independent status page provides current operational information for PhishingBox solutions, and any active disruptions or notices are posted there.

System Status Page
Bug reports

Report a Vulnerability

If you believe you have found a vulnerability in a PhishingBox asset, you may report it here. We take reported issues seriously and review submissions through our vulnerability reporting process.

Report a Vulnerability