Tenant isolation
Workspace APIs require authentication and scope data by organization. Campaign, segment, template, provider, contact, and analytics records are organization-bound.
Security
Security and compliance controls for enterprise-ready email operations.
ZOLLO is built for organizations that need clear tenant boundaries, controlled access, protected provider credentials, signed integrations, responsible sending, and auditability.
Roles and permissions
ZOLLO supports Owner, Admin, Marketing, Sales, and Viewer roles so teams can separate administration from campaign and analytics workflows.
Credential protection
Email provider and AI provider credentials are encrypted at rest with a dedicated encryption key separate from JWT signing.
Signed webhooks
Provider webhooks require an organization identifier and HMAC-SHA256 signature before campaign events are accepted.
Safer template previews
Email previews are sandboxed and rendered HTML is cleaned to reduce script, event-handler, and unsafe URL risks.
Operational controls
Rate limits, import size limits, audit logs, unsubscribe links, consent fields, and suppression states support safer launch operations.
Compliance posture
Designed for responsible email sending.
ZOLLO gives teams the product controls needed to support CAN-SPAM, GDPR, CCPA, provider policy, and internal approval workflows. Legal responsibility remains with each sending organization and its data practices.
Consent status and unsubscribe workflows
Suppression handling for unsubscribes, bounces, and complaints
Company address and sender identity fields
Audit logs for sensitive workspace activity
Provider-level SPF, DKIM, and DMARC setup guidance
Data retention and deletion workflows planned for regulated teams
Security contact
Report security questions or issues.
For security, privacy, provider, or compliance questions, contact support@zollo.live. Include affected workspace details, timestamps, and reproduction steps when reporting a potential issue.
Start building
Run campaigns from ZOLLO today.
Create contacts, segments, templates, campaigns, automations, providers, and analytics from the app workspace.