Supafax is built on simple principles: read only what's needed and store no email content.
Supafax is built with security and privacy at the core.
Supafax drafts, organizes, schedules, and sends only from your direct instructions. It does not permanently delete emails.
Certified by ADA Tier 2 CASA, GDPR, Penetration Test audit, ICO data protection.
AES-256 at rest, TLS 1.3 in transit. Scoped Google and Microsoft mailbox access.
We meet the standards enterprise security teams look for, and are actively pursuing the rest. Progress and scope available on request.

Google Cloud App Security Assessment validating OAuth app security controls.

Registered with the UK Information Commissioner's Office as a data controller.

Annual independent audit of security, availability, and confidentiality controls.

Globally recognized information security management standard.

EU data subject rights, DPAs, and sub-processor transparency.

Administrative, technical, and physical safeguards for PHI in healthcare inboxes.