Security
Built around your Microsoft 365 sign-in and sending
SimpleNewsletter365 uses Microsoft Entra for sign-in, Microsoft Graph for newsletter sending, and isolated Azure storage for app data. Here is how we protect it.
Microsoft sign-in, tokens server-side
You authenticate with Microsoft Entra. The app is a confidential OpenID Connect client, so Microsoft access and refresh tokens stay on our servers and are never exposed to the browser or front-end code.
Your mailbox, your sending
Newsletters send through your own Microsoft 365 mailbox over Microsoft Graph. There is no shared sending pool, and your recipients are never mixed with another customer's.
Tenant and account isolation
Account-owned product records carry tenant and account identifiers and are read through shared account-scope helpers, so one organization's data is isolated from another's.
Encryption and key management
Data is encrypted in transit and at rest. Delegated mailbox refresh tokens are encrypted with ASP.NET Core Data Protection and, in production, wrapped by an Azure Key Vault key accessed through managed identity.
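As an added illustration (not SimpleNewsletter365's own code), this is one way an ASP.NET Core app can wire Data Protection so that its key ring is wrapped by an Azure Key Vault key and refresh tokens are sealed per account. The class names, application name, purpose string, blob-stored key ring, and the binding of tenant and account IDs into the purpose are all assumptions made for the example.

```csharp
using System;
using System.Security.Cryptography;
using Azure.Identity;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.DependencyInjection;

public static class TokenProtectionSetup
{
    // Hypothetical registration helper; both URIs come from configuration.
    public static IServiceCollection AddRefreshTokenProtection(
        this IServiceCollection services, bool isProduction,
        Uri keyRingBlobUri, Uri keyVaultKeyId)
    {
        var builder = services.AddDataProtection()
            .SetApplicationName("newsletter-app"); // assumed name
        if (isProduction)
        {
            // Resolves to the app's managed identity when running in Azure,
            // so no Key Vault secret is stored in configuration.
            var credential = new DefaultAzureCredential();
            builder.PersistKeysToAzureBlobStorage(keyRingBlobUri, credential)
                   // Key ring entries are wrapped by the Key Vault key at rest.
                   .ProtectKeysWithAzureKeyVault(keyVaultKeyId, credential);
        }
        services.AddSingleton<RefreshTokenVault>();
        return services;
    }
}

public sealed class RefreshTokenVault
{
    private readonly IDataProtectionProvider _provider;
    public RefreshTokenVault(IDataProtectionProvider provider) => _provider = provider;

    // Tenant and account IDs are part of the purpose chain (an assumption here):
    // ciphertext sealed for one account fails to open under any other.
    private IDataProtector For(string tenantId, string accountId) =>
        _provider.CreateProtector("MailboxRefreshToken.v1", tenantId, accountId);

    public string Seal(string tenantId, string accountId, string refreshToken) =>
        For(tenantId, accountId).Protect(refreshToken);

    public bool TryOpen(string tenantId, string accountId, string sealedToken, out string? token)
    {
        try { token = For(tenantId, accountId).Unprotect(sealedToken); return true; }
        // Tampered, wrong-account, or revoked-key ciphertext: fail closed.
        catch (CryptographicException) { token = null; return false; }
    }
}
```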
Privacy-aware logging
Logs, problem details, and telemetry use identifiers, hashes, statuses, counts, and durations. We do not log email content, recipient lists, tokens, authorization headers, or unsanitized provider payloads.
Protected signup forms
Public signup endpoints use hashing, a challenge (ALTCHA), optional double opt-in, origin allowlisting, and rate limiting. Abuse and idempotency evidence is bounded and hashed; submitted subscriber fields are stored as contact data.
Data processing and subprocessors
For how we handle personal data, retention, deletion, and the third parties involved, see our Data Processing Addendum, subprocessor list, and Privacy Policy.
Found a security issue? Email [email protected].