Security & trust
We're early-stage. Here is exactly how the system is built — the real controls, the real tradeoffs, and no security theater.
Core posture
Mailbox credentials and OAuth refresh tokens (Google service-account delegation, Microsoft MSAL auth-code) are encrypted in Supabase Vault. zend.sh orchestrates your mailboxes — it never owns them.
Every Postgres query is scoped by Row-Level Security keyed on my_team_ids(). Agency workspaces are isolated via team_members + RLS — no cross-tenant data leakage by construction.
zend.sh offers open/click tracking via a 1×1 tracking pixel and link rewriting, controlled per campaign by the sender (default on, disable for maximum deliverability). For honesty, opens are classified human vs. machine — Apple Mail Privacy Protection, image-proxy prefetch, and security scanners are flagged so reported open rates aren't inflated.
All webhook payloads are signed with HMAC-SHA256 using a per-endpoint secret. Delivery includes retry logic with exponential backoff. Verify the signature before processing.
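A receiver-side check of the kind the paragraph asks for, as an added example that is not zend.sh's own code: it recomputes HMAC-SHA256 over the raw request body with the per-endpoint secret and compares in constant time before the JSON is parsed. The header name `X-Zend-Signature`, hex encoding of the digest, and the sample secret and body are assumptions, not documented values.

```python
import hashlib
import hmac
import json
from typing import Optional


def sign_payload(secret: bytes, body: bytes) -> str:
    """Hex HMAC-SHA256 of the raw body (what the sender is assumed to put in the header)."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_webhook(secret: bytes, body: bytes, signature_header: Optional[str]) -> bool:
    """True only if the header equals the HMAC of the exact bytes received.

    The digest must be computed over the raw bytes, never over re-serialised JSON:
    re-encoding can reorder keys or change whitespace and break the match.
    hmac.compare_digest keeps the comparison constant-time so a mismatch does not
    leak how many leading characters were correct.
    """
    if not signature_header:
        return False
    expected = sign_payload(secret, body)
    return hmac.compare_digest(expected, signature_header.strip().lower())


def handle_webhook(secret: bytes, body: bytes, headers: dict) -> dict:
    """Reject before parsing: an unverified body is never handed to json.loads."""
    # Header name is an assumption; use whatever the endpoint actually documents.
    if not verify_webhook(secret, body, headers.get("X-Zend-Signature")):
        return {"status": 401, "reason": "invalid signature"}
    event = json.loads(body)
    return {"status": 200, "event": event.get("type")}


# Constructed sample values for a local run; not real secrets or event shapes.
SECRET = b"endpoint-secret-example"
BODY = b'{"type":"email.bounced","campaign_id":"cmp_123"}'

if __name__ == "__main__":
    good = {"X-Zend-Signature": sign_payload(SECRET, BODY)}
    print(handle_webhook(SECRET, BODY, good))
    print(handle_webhook(SECRET, BODY + b" ", good))  # tampered body -> 401
```

Because delivery retries with backoff, the same signed event can legitimately arrive more than once, so the handler should also be idempotent on the event it records.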
The P2P warmup network sends standard IMAP/SMTP traffic against real inboxes with AI-generated content variety. No spam traps, no artificial engagement loops, no click farms.
The deliverability guardian monitors bounce and complaint rates in real time. If either exceeds safe thresholds, sending is automatically paused before reputation damage accumulates.
Compliance baseline
zend.sh enforces a compliance baseline for every campaign, not just the ones that opt in to it:
Certifications
zend.sh is an early-stage product. We do not currently hold SOC 2 Type II, ISO 27001, or any other formal security certification. We will pursue SOC 2 as the platform matures and customer demand warrants the audit cost. If your organization requires a specific certification before using zend.sh, reach out and we'll be transparent about our timeline.
Sub-processors
zend.sh relies on a small, named set of infrastructure sub-processors to deliver the service: Supabase (database, auth, Vault), Microsoft Azure (email sending via ACS, Functions, Storage, App Insights), Cloudflare (DNS), Stripe (billing), Anthropic (Claude Haiku for reply classification and warmup content), PostHog (product analytics), Sentry (error tracking), Resend (transactional email), Hetzner (Mailcow inbound), Railway (hosting), and Inngest (scheduling). We do not sell or share your data with any third party beyond what is necessary to deliver the service.
Questions about our security posture or data handling?