Careers
Login

Engagement platform

(previously Exponea)

Content / Discovery

(previously brX)

English
Bloomreach
Bloomreach
  • Products
    Products

    Personalize marketing

    in real-time across email, sms, app, website, and more

    • Email Marketing
    • SMS & Messaging
    • Ads & Retargeting
    • Web Personalization
    • Mobile APP Marketing
    • Marketing Intelligence and Insights
    • Omnichannel Orchestration
    • Experiments & A/B testing
    • Plug & Play Use Cases
    • See All Engagement products

    E-commerce search

    and merchandising focused on maximizing revenue

    • Site search
    • Search Intelligence
    • Merchandising
    • Search APIs
    • Product Recommendations
    • SEO
    • Personalized search
    • See All Discovery products

    Build, manage and personalize

    experiences with headless CMS for every commerce platform

    • Headless Content
    • Page Building
    • Site Management
    • Content Personalization
    • See All Content products
  • Data & Integrations
    Data & Integrations
    • Customer Data Engine

      Customer data management, and advanced analytics for omnichannel personalization

    • Real-time Customer Journeys
    • Segments & Audience Builder
    • Integrations

      Explore integrations for Bloomreach products

    • Partner Agencies

      Engage with Bloomreach Partners to Help Create World-Class Customer Experiences

    • Technology Partners

      Enrich customer experiences with these vendor partners

    • Connected Commerce Platforms

      Get value faster, with simpler integration for select commerce platforms

    • Shopify
    • Magento
    • BigCommerce
  • Case Studies
  • Pricing
  • Learn
    Learn

    Resource Library

    Content and resources to help formulate and execute your digital strategy

    All Resources
    Videos
    Blog
    Analyst Reports
    Whitepapers
    Podcasts
    Webinars
    Events
    Analyst Reports
    Whitepapers
    Podcasts
    Webinars
    Events
    See All Library Resources

    Product Resources

    Get the most out of Bloomreach products with these resources

    Documentation
    ROI Calculator
    Integrations
    Email Deliverability Calculator
    Plug & Play Library
    Privacy at Bloomreach
    Bloomreach Academy
    Security
    Developers
    Bloomreach Partners
    Email Deliverability Calculator
    Plug & Play Library
    Privacy at Bloomreach
    Bloomreach Academy
    Security
    Developers
    Bloomreach Partners
    See All Product Resources

    Use Cases

    See Bloomreach in action

    Win Back Campaigns
    Personalized Email Campaigns
    Welcome Series
    Reengagement That Works
    Optimizing Category Pages
    Headless Commerce
    Reengagement That Works
    Optimizing Category Pages
    Headless Commerce
    See All Use Cases
About Us
Careers
Contact Us
Login
Get a Demo
Languages:
EN
Get a Demo

Security at Bloomreach

Ensure stability by enabling your team to create, send, test, and analyze campaigns, all within the same user-friendly platform.

Think Outside the Search Box

  • Strong Security Culture
  • Secure Development Practices
  • Our Certificates

We create a strong security culture here at Bloomreach, as each and every employee is an essential part of our defense against potential breaches.

This culture is present at all stages, including the hiring process, employee on‑boarding, and ongoing training and company events. All new employees are required to agree to our NDA and go through OWASP training. This shows our commitment to keeping the data of our customers secure.

The developers in the IT segment receive instructions on topics like best coding and development practices, the principle of least privilege when granting access rights, etc. The IT department also attends technical presentations on security‑related topics, and receives regular updates on the newest issues from the Cybersecurity space in our security channel.

Bloomreach has valid certifications to show how seriously we take the topics of security and compliance. We currently have the following certifications:



ISO 9001
ISO 27001
ISO 27017
ISO 27018
ISO 22301
GDPR certification
SOC 2 (Type 1) Report (Provided upon request)

Security Management

Endpoint Security Vulnerability Management Quality Assurance Monitoring Incident Management Reassurance

Endpoint Security

We ensure all of our endpoint devices are protected according to our Endpoint Security Policy. This includes disc encryption, malware protection, guest access disabled, firewall, and regularly updated operating systems. In addition, we perform regular checks to make sure that we maintain this high level of security.

Vulnerability Management

Bloomreach has a vulnerability management policy that includes processes such as regular web scans and scans for potential threats. Once a vulnerability requiring our attention has been identified, it is tracked and assigned for resolution.

Quality Assurance

It is vital for us to properly test all new features before implementing them so that we make sure no unexpected vulnerabilities are introduced to the application. The QA team guarantees that all new additions to our application are bug‑free prior to release. They also test private instances for our fresh clients just before they get into the hands of our Client Services team.

Monitoring

Our security monitoring is performed on information collected from internal network traffic and the knowledge of our vulnerabilities. Internal traffic is checked for any suspicious behavior. Network analysis and examination of system logs in order to identify unusual behavior are a vital part of monitoring. We place search alerts on public data repositories to look for security incidents and analyze system logs.

Incident Management

Bloomreach has well‑defined incident management processes for security events that may affect the confidentiality, integrity, or availability of our clients' resources or data. If an incident occurs, the security team identifies it, reports it, assigns it, and gives it a resolution priority based on its urgency. Events that directly impact our customers are always assigned the highest priority and shortest resolution time. This process involves plans of action, procedures for identification, escalation, mitigation, and reporting.

Reassurance

To ensure our Security Management is transparent and the details are shared with those who need to see it the most, we also hold a SOC 2 Report. This report can be provided on request under an NDA and gives an overview of Bloomreach’s technical and organizational security measures.

WHITEPAPER

Bloomreach Engagement Security Whitepaper

Read More

Protecting Our Clients' Data

  • Data Encryption
  • GDPR Compliant

Whenever we store data in the cloud, there are several layers of encryption. By default, data is encrypted both at rest and in transit. Additional security controls are implemented depending on the requirements of our customers.

Without any further implementations, our cloud providers encrypt and authenticate all data in transit at one or more network layers when data moves outside physical boundaries not controlled by or on behalf of the cloud provider. Google and Amazon use the Advanced Encryption Standard (AES) algorithm to encrypt data at rest. Transport Layer Security (TLS) is used to encrypt data in transit for transport security.

Bloomreach supports our customers in finding the best ways to be compliant with the GDPR. The engagement pillar works in such a way that the clients have complete control of consent management (they set a purpose for processing), data subject rights management (they can download all customer data, anonymize a customer, or delete a customer).

Bloomreach has access management that enables the users to select specific data types as PII and then set/revoke permission to see PII per user. For every event, it is possible to manage its retention and set expiration separately. In addition, data API enables the clients to integrate their systems to enable fast execution of data subjects requests.

Read Bloomreach Experience reviews on Gartner
Read reviewsSubmit review
Read reviews of Bloomreach Experience on G2
Read reviews of Bloomreach Experience on Trustradius
Read Bloomreach Experience reviews on ReacCDP
Products
  • Engagement
    Personalize marketing in real-time across email, sms, app, website, and more
  • Discovery
    E-commerce search and merchandising focused on maximizing revenue
  • Content
    Build, manage, and personalize experiences with headless CMS for every commerce platform
  • Bloomreach Products Powered by aCustomer Data Engine
Company
  • Our Story
  • Contact Us
  • News
  • Leadership Team
  • Careers
  • Experience Strategy Group
Industries
  • Fashion
  • Food & Beverage
  • Travel
  • FinTech
  • Telco
  • Pets
  • Beauty
  • Grocery
  • Distributors (B2B)
  • Manufacturers (B2B)
Product resources
  • Bloomreach Partners
  • Developers
  • Documentation
  • Integrations
  • Bloomreach Academy
  • ROI Calculator
  • Email Deliverability Calculator
  • Security
  • Privacy at Bloomreach
Learn
  • All Resources
  • Blog
  • Whitepapers
  • Webinars
  • Videos
  • Analyst Reports
  • Podcasts
  • Events
Legal
  • Terms of Service
    |
  • Privacy Policy
    |
  • Contact DPO
    |
  • Control Your Data
    |
  • Quality, Infosec, BCM policy
    |
  • UK Modern Slavery Act
© 2023 Bloomreach, Inc. All rights reserved.
E-MailLinkedInTwitterInstagramMetaYoutube