Templafy Email Signature Server (Templafy Hosted) - Functional FAQ

About this article

This article details questions and answers regarding Email Signature Server (Templafy hosted). Sections in this article: 

• What is the Templafy Email Signature Server (Templafy Hosted) architecture?

• Does Templafy save customer emails?

• How does Templafy ensure email data is protected?

• What data is processed in Templafy Hosted?

• How does Templafy ensure tenant isolation?

• How does Templafy manage access to the Templafy Hosted Email Signature Server?

What is the Templafy Email Signature Server (Templafy Hosted) architecture?

Templafy email signature server architecture is the same for both offering (Templafy Hosted) or (Client Hosted), the main difference is the infrastructure location where for Templafy Hosted it will be in Templafy environment like below:

Does Templafy save customer emails?

Templafy Email Signature Server processes the emails in memory. The email message contents are not persisted to any tables, logs, or storage devices at any time during or after processing.

Metadata related to the processing of emails are stored in the Tables of the Azure storage account. The metadata is used for troubleshooting purposes. The email addresses logged to these Tables are in redacted form e.g., ab***z@domain.com.

Any data that may exist in the memory for the docker container Email Signature Server process is not persisted by any means or in any way by the Email Signature Server software. 

How does Templafy ensure email data is protected?

As with all our solutions, Templafy has security and privacy by design and by default. The Templafy Email Signature Server only processes the emails in memory, and the processing time is 2-5 seconds. This ensures no changes on the code can occur and that memory slots cannot be watched with the intention to access the emails. 

What data is processed in Templafy Hosted?

Templafy process the usual data types to populate the email signature. This is configurable by the customer and usually amounts to employee name, work email, work phone number, job title and department.

Templafy does not store personally-identifiable information (PII) in the logs.

How does Templafy ensure tenant isolation?

Every client tenant is isolated and have its dedicated Kubernetes resources as well as a logically separated storage.

How does Templafy manage access to the Templafy Hosted Email Signature Server?

Access to customer data is restricted to authorized users, which is a limited group of trusted and senior engineers. Access is controlled by Templafy's Information Security team, headed by the CISO. Templafy's access to data is governed in the Data Processing Agreement. Any exceptions must be approved by the customer. Access is managed through Azure AD with MFA and dedicated admin accounts. Access is reviewed quarterly for all privileged accounts across all subscription by the InfoSec team and immediate action is taken for access that is no longer required.