Infrastructure and security

SMSAPI operates in accordance with the GDPR,
we are also ISO 27001 certified.

Find out about our policy on:

  • Information security management
  • Confidentiality of the services offered
  • Personal data protection
  • Security and infrastructure

ISO 27001 Certificate

LINK Mobility Poland Sp. z o.o. is ISO/IEC 27001: 2013 certified. This means that we apply and ensure the highest security standards for the creation, maintenance and development of electronic communication solutions (including SMS, VMS, MMS) in the SaaS model. We have passed the certification with the independent audit organization TÜV NORD Polska.

ISO 27001 is an international standard that standardizes systems and their security. Obtaining the certificate in July 2021 is a milestone in the long-term strategy to improve the quality of security, as well as the concern for data confidentiality and privacy. Owing to this, we guarantee our customers and partners the highest level of information and infrastructure security.


Phone numbers to which our clients send messages are used only for the purposes of their SMS campaigns. It applies to both: numbers typed in manually and those imported from databases.

All messages are stored in accordance with current law. We share them only when a request is determined by a lawful cause.

More information on data privacy can be found in SMSAPI Privacy Policy.

Personal Data Protection

SMSAPI operates in accordance with the GDPR. Furthermore, we are doing our best to promote good practices of data protection in SMS marketing by publishing educational materials on our blog, social media and during live events and conferences.

Our platform is under a constant care of Data Protection Officer who is also a data protection specialist for LINK Mobility Group. The DPO takes an active part in consulting and planning of all our projects in terms of GDPR and ISO 27001 compliance.


We guarantee the highest level of security. We also provide our clients with the set of tools and solutions designed to help them maintain high security standards. Among the provided features is an option of enforcing the two-factor authentication. Once switched on, all logins must be confirmed with a code sent in text message. Additionally, we have introduced strict rules regarding password complexity. All users can also set a periodic password change notification and limit the Portal and API access to selected IPs.

SMS Authenticator

With financial branch in mind, we have designed the SMS Authenticator tool. With it, all our clients have access to an effective and secure form of the two-factor authentication based on text messages.

OAuth2 tokens

We strongly suggest using authorization based on OAuth2 tokens when accessing our services via API. This way, all features are available without the SMSAPI account password.

SSL Certificate

Connection to the Portal is secured with a strong SSL certificate provided by the globally recognized company. It applies to both, API connections and web version. We are using TLS version 1.2.

Audits and trusted providers

In order to continuously raise the security standards of our services, we conduct periodic audits of the Portal. Tests are run by independent organizations specializing in Internet security. All security risks are being eliminated as quickly as possible.

Access to the critical production assets is limited to a bare minimum. That’s why we are updating the access database on regular basis to reflect the actual needs of our team and to minimize the risk of information leaks. All computers are secured with an antivirus software with the automatic updates turned on.

At the client’s request, we can provide a VPN connection of SMSAPI Platform.

Monitoring 24/7

The monitoring team responsible for the troubleshooting of our services is located at SMSAPI headquarters in Gliwice, Poland. Among the competences of the team is 24/7 technical support in case of incidents and failures.


The uninterrupted service is secured by two redundant server centers: ATMAN and T-Mobile. They operate independently and are located in different locations. Current status and service availability can be checked on the stand-alone monitoring website.

Still, all data is located inside the European jurisdiction, on the territory of EEC. We are using high-end solutions for monitoring, management and infrastructure maintenance.

Stability of the business

The SMSAPI brand was established in 2007. Since that time, we have expanded our team, our competences and at the same time, we have invested in the newest infrastructure. Our efforts have been recognized locally and globally several times.

Joining the biggest European mobile communication Group – LINK Mobility was the turning point in our history. SMSAPI has gained access to an extensive technological base and specialists’ support. More importantly, it allowed us to expand our product portfolio. Thus, we can provide products and solutions unavailable to our local competitors.

Responsibility and sustainable development

SMSAPI is a partner of many marketing events (UX Poland 2018, Infoshare, InternetBeta) and local charity events.

SMSAPI employees, along the whole LINK Mobility Group, are trying their best to reduce the impact of our actions on the environment. Waste generated in our office is segregated according to the local regulations. We also try to reduce the usage of single-use products.

To reduce the carbon footprint, we always check if the matter can be discussed online, before deciding to go on a business trip. Whenever it’s possible, we choose public transportation. SMSAPI is a bicycle-friendly company as we provide bike racks and shower rooms.

Register for free

Sign up in 30 seconds and get free SMS for start!

Create account