Digesto Platform Security

Updated: July  2017

Overview
Digesto does not access nor store any data related to Marketo lead or lead activity. We store only the program and campaign identification related to the execution of Digesto Email distribution services, Digesto configurations and account related information.  

GDPR Compliance
For the Digesto Startup, Growth and Publisher plans, Digesto is not processing any Personally Identifiable Information nor accessing any lead record data from your Marketo Instance.

If you are using the Digesto "1 to 1 personalization" plan (available upon request only) Digesto will process the following data from your subscribers lead record, including First Name, Last Name, Email and Markeo Unique ID. This data may be stored to our database.

User Authentication
Access to Digesto application requires username and password and HTTPS / SSL certificate is required for all to access the Digesto application.

How we access Marketo 
Although some accounts created before August 2016 Digesto may use SOAP API, Digesto generally uses REST API to connect to your Marketo Instance. You must share Marketo API keys with Digesto so that it can authenticate to your Marketo instance. A Marketo admin can control or revoke Digesto's API access by generating new SOAP or REST API Keys or by deactivating the related REST Custom Web Service. See Marketo Custom REST Web Service Documentation for more details. Your Digesto admin panel allows you to update/edit your Marekto REST API Credentials.

Digesto will perform API calls to:
- Update program level token values feed sourced content;
- Initiate the dedicated Digesto campaign in your instance;
- Digesto will NOT not read, write or update any Marketo lead/person data.

Please refer to the Digesto user documentation for a detailed description of the Marketo programs for Digesto.  

Data Storage
The Digesto application databases are stored on Amazon AWS Relational Database Service (Amazon RDS) ensuring great performance and resizable capacity.
Physical and software security environment doe Amazon is described on Amazon AWS Website.  All data is also backed up on a  daily basis.  

Encryption
All the informations send from Digesto to Marketo goes through encrypted data transfer using SHA256 encryption method. All sensible information like user's passwords and Marketo Encryption Key are encrypted before we store in our DB.

Payment Information
Digesto does not handle or store any billing or payment information. Our ecommerce platform uses Chargebee subscription billing/invoicing and payment processing is done by Stripe and related Data is stored on these platforms. 

Access Role
Digesto is a single user platform. When you register, an "Administrator" role is granted that allows the following actions:
- Configure Marketo API Access
- Create, Updated, Delete, Edit, Test and Activate Digest.
- Manage Account (contact info, email, payment method)
- Manage subscription 
- Access Logs (Read Only)





Feedback and Knowledge Base