Your Data is Safe With Us

Vision6 adhere to industry best practices so you can be confident that your data is always secure with us.

The security of your data is important to us. That’s why we take a security-first approach to our systems and practices based on international protocols and standards.


  • Vision6 is the only Australian email marketing software company that has a SOC2 certification and ISO 27001 certification.
  • We are verified by QAssure, WCAG 2.0, W3C with GDPR & SPAM Act Compliant Tools.
  • All our customer data is stored on servers in an Australian Tier 4 data centre that is also ISO 27001 compliant.
  • Australian based and operated since 2001.

Application Security

  • We continually work to improve the security of our application. Our product and infrastructure are designed from the ground up to be secure, and we are always looking to take advantage of new techniques and browser features that can help.
  • 2-Factor Authentication is available for all customers and IP address restrictions can also be configured as an extra level of access control for both the application and the API.
  • For customers that need to access more than one account, we help to provide full visibility over your configuration through the use of your profile in conjunction with user roles to define how an account can be accessed.
  • Our application is fully encrypted over HTTPS using TLS and is up to date with the most modern cryptography standards. 

Data Sovereignty

  • Vision6 stores your data based on the location of your account, including all backups and disaster recovery systems, in either Australia or the United States.
  • Your data will always stay in one of these countries, based on where your account was created.
  • We are the only provider in Australia that can guarantee data sovereignty of transactional email.

Data Integrity & Disaster Recovery

  • Your data is kept separate from other users, where each account is logically separated to make sure that each account is secure and consistent.
  • Backups of your data are made at least every 24-hours and protected by industry-standard encryption, stored in local as well as multiple off-site locations.
  • We store redundant copies of your data to ensure integrity and resilience. Our disaster recovery systems are designed so that we can quickly recover from the loss of a data centre or entire region, and we test our disaster recovery plans regularly according to a schedule. 

Network & Data Centre Security

  • Our network infrastructure is designed to prevent intrusion through segmentation and other best practice techniques such as highly restrictive firewalls.
  • We have DDOS (Distributed Denial-Of-Services) plans in place and actively work with our networking providers to mitigate any problems.
  • Our Data Centre providers manage security for the facilities we use and provide continual monitoring. 

Internal Security

  • The networks used in our office and by our staff are continually monitored and highly restricted.
  • We have very strict internal security procedures including various physical security measures, anti-virus and spam filtering, firewalls, network security and operating system security.

Credit Card Security

Our payment providers are fully PCI compliant and meet the most stringent level of certification available in the payments industry. To accomplish this, they make use of best-in-class security tools and practices to maintain the highest levels of security. We don’t handle credit cards ourselves.

Want More Information?

You can request access to our SOC2 Assurance Report or Web App & API Penetration Test Assurance Report by filling in our form and we will get back to you within one business day. 

In the meantime, if you need any other information, please reach out to our team at