Security

AutoAddy LLC designs AutoAddy as a business platform for dealership media operations. Our security program focuses on protecting customer workspaces, creative assets, campaign data, account access, and service communications.

Access Controls

AutoAddy uses invitation-based access, authenticated user accounts, role-aware administration, and tenant boundaries to limit access to authorized users. Customers are responsible for reviewing users and removing access when personnel or vendor relationships change.

Infrastructure Safeguards

The platform is hosted on AWS. We use managed infrastructure, encrypted transport, private database access patterns, encrypted storage where supported, operational logging, monitored queues, backups, and environment separation for production and staging.

Email Security and Deliverability

AutoAddy sends transactional email from autoaddy.net using Amazon SES. The sending domain is configured for SPF, DKIM, DMARC, and custom MAIL FROM alignment. SES feedback events for bounces, complaints, rejects, and delivery delays are monitored through AWS event publishing so delivery problems can be investigated and corrected.

Data Handling

Customer content is used to provide and support the service. We limit internal access to personnel and providers who need it for operations, support, security, compliance, or troubleshooting. We do not sell customer content.

Incident Reporting

If you believe you have discovered a security issue, please contact security@autoaddy.net. Include a clear description, affected URLs or accounts, reproduction steps if safe, and your contact information. Please do not access, modify, delete, or disclose data that does not belong to you.

Responsible Operations

We review operational alerts, delivery feedback, access changes, and platform logs as part of maintaining a reliable service. Security practices evolve as AutoAddy grows and customer requirements mature.