Where do I find your full policies?

Everything is linked from this page. Security details live on the Security page, and the Privacy Policy, Terms, Acceptable Use Policy, and Data Processing Agreement live under our legal section. The Trust Center is the index to all of them.

Can we get your sub-processor list and a DPA for our review?

Yes. We provide the detailed sub-processor register and sign a data processing agreement as part of a standard security review. Reach out and we will share what your team needs to complete diligence.

What is your stance on the kind of email you send?

Permission-based and legitimate-interest B2B outreach only. No purchased consumer lists, no spam, no deceptive content, and a working opt-out on every message. Our Acceptable Use Policy spells out the full standard we hold ourselves to.

Trust Center

Trust Center one place for the hard questions.

When you hand outbound to a partner, you are trusting them with your data, your domain, and your reputation. This is the single place to see how Outword earns that trust: our commitments, how we protect data, who we work with, and how to reach us.

Book a Call Request a Proposal

Why this exists

Trust you can verify, not just claim.

Outbound done well touches sensitive things: contact data, your sending domains, and the brand your customers recognize. We would rather show you how we handle all three than ask you to take it on faith. The pillars below summarize each area in plain terms, and every one links to the detail your legal and security teams need.

Trust pillars

Five commitments, evidence behind each

Security

Least-privilege access, encryption in transit and at rest, vetted operators, and a written incident response process. Built to clear enterprise security review.

Privacy

We collect only the business-contact data an engagement needs, use it only for the agreed work, and delete or return it when you ask. No selling, no pooling, no surprises.

Compliance

Permission-based and legitimate-interest B2B outreach operated to GDPR, CAN-SPAM, and CASL, with a data processing agreement available when an engagement needs one.

Acceptable use

Clear rules on what we will and will not send. No purchased lists, no spam, no deceptive content. We protect your brand by holding ourselves to a strict standard.

Sender integrity

Full SPF, DKIM, DMARC, and reverse DNS on every sending domain, with strict bounce and complaint limits and honored opt-outs. Your reputation stays clean.

Abuse handling

A monitored, responsive process for any complaint about mail sent on your behalf, so issues are caught and resolved quickly rather than left to fester.

Our commitments

What we promise on every engagement.

These are not aspirations, they are the rules we run by. Outbound sent under your name follows them on every message, in every channel, for every client. If a campaign cannot meet them, we change the campaign, not the standard.

Permission-based or legitimate-interest B2B only, never purchased consumer lists
A working, honored opt-out on every message, processed promptly
Full SPF, DKIM, DMARC, and reverse DNS authentication on every sending domain
Strict bounce and complaint discipline, monitored continuously
Your data used only for your engagement, then deleted or returned

Data protection

Less data, tighter access, clear boundaries.

We minimize what we hold, encrypt it in transit and at rest, and limit access to the operators assigned to your engagement. Your data is segregated from every other client, never resold or pooled, and removed on request. The Security page covers the controls in full; the Privacy Policy covers the legal detail.

Business-contact data only, scoped to the work and segregated per client
Encrypted in transit and at rest, secrets held in a dedicated store
Least-privilege, multi-factor access, reviewed when roles change
Deletion or return of your data when the engagement ends

See our security controls

Sub-processors

The vendors in the loop, kept short and current.

Outword uses a small set of reputable sub-processors to run engagements, each bound by a data processing agreement. We keep this list current and will provide the detailed register on request as part of a security review. (PLACEHOLDER: the published sub-processor list and update policy are finalized before launch.)

Cloud hosting and storage for engagement data
Email delivery and authentication services
Productivity and collaboration tooling used by the engagement team
Detailed register provided under NDA during security review

Proof

Trust that shortens the procurement path.

Security and legal teams ask hard, specific questions. The Trust Center exists so the answers are already here: how data is handled, what we will and will not send, who the sub-processors are, and who to contact. Less back and forth, faster to a signed engagement.

Reflects the standard enterprise diligence the Trust Center is designed to satisfy.

100%

Sending domains authenticated

Place to find every policy

Illustrative. Real metrics and named references are added with client approval.

The detail

Read the policies

Security

Data handling, access controls, encryption, and incident response.

Learn more

Privacy Policy

How we collect, use, and protect personal data.

Learn more

Acceptable Use Policy

What we will and will not send on your behalf.

Learn more

FAQ

Questions, answered

Email security@outword.io. Whether you have a diligence questionnaire, a question about data handling, or a concern about mail sent on your behalf, that address reaches the people who can answer. We aim to acknowledge within one business day.

Bring us your diligence.

Book a call or email security@outword.io, and we will give your team the documentation and answers your review requires.

Book a Call Request a Proposal