Email Compliance Software That Meets Any Standard

Email compliance requires email retention software that’s designed with compliance at its core. To achieve compliance, emails need to be preserved, sorted in line with regulations and data needs to be easily retrievable for restoration or deletion according to legal requests.

Email Retention

What’s Your Email Retention Policy?

There’s no shortage of regulations when it comes to communications and storage of data – from how long your business should keep emails to how long you should store employee information. Whichever industry you are in, chances are that you will have to deal with overlapping legislation about what you can and can’t keep, how you should keep it, and how long you should keep it for. Cryoserver email archiving solutions ensure your data is aligned with legislation.

Cryoserver Compliance

How can Cryoserver help?

Our email archiving solution provides a secure, tamper-evident, encrypted and reliable back-up should you have any data loss issues or experience an unfortunate cyber attack with your Microsoft/Office 365 or on-premises mail server.

Cryoserver archiving solutions keep all email and attachments secure, protecting and controlling access to data. Most importantly, if policies like GDPR require you to delete the PII (personal identifiable information) you hold on an individual, Cryoserver is just what you need. It will enable you to find and remove all the data from your email and attachments with the help of detailed search results. In addition, you’ll have the audited proof that you have met the requirement.

Recovery & Backup

Simplify your IT, ensure data protection and minimise downtime when you implement Cryoserver’s email archiving compliance software. Whether your business relies on a hybrid environment, Microsoft/Office 365 or an onsite server, we offer a cloud-based email compliance solution that leverages archive data to streamline recovery, decrease costs and boost business continuity.

Email Storage Solutions

With more and more emails being sent and received each day, businesses are struggling with the burden of storing email and other unstructured data on-premises. From the volumes to the cost, the impact of email’s accelerated growth is being felt. Simplify data management, meet the demand for email availability and reduce storage space with Cryoserver’s email compliance software.

Simplified Migration

For many businesses, moving to the cloud is a priority. Simplify your migration from your existing onsite mail server and ensure your Microsoft/Office 365 archiving is compliant with Cryoserver. Microsoft/Office 365 users employ Cryoserver to supplement the service and create a more powerful email archiving solution for their business, overcoming a number of disadvantages of Microsoft/Office 365 archiving.


Privacy by Design

When we developed Cryoserver, key considerations were the privacy and rights of end users. This is our “Privacy by design” philosophy, which is at the core of the solution. It leads to enhanced privacy options for organisations and individual employees. It enables role-based access to archived emails, audit trails at all levels, and preservation of audit trails – all overseen by employees you assign to be your archive custodians or what we call “Data Guardians”. The unalterable nature of Cryoserver creates an evidential repository, which is admissible in court. Also, it’s GDPR-compliant, and it protects your employees’ human rights.

Cryoserver is based on privacy

Download the Cryoserver Compliance Datasheet

The overview sheet is a brief summary of what compliance Cryoserver brings as an archive.

If you have any questions, get in touch.

Download Datasheet

How is Cryoserver GDPR Compliant?

The EU General Data Protection Regulation changed the way that companies all over the world store and handle Personally Identifiable Information (PII). At Cryoserver, we have made some enhancements to our solution to make sure that it complies fully with this legislation, which also ensures the compliance of our customers when it comes to their email data.

The Right to be Forgotten

GDPR states that if a subject wishes to be ‘forgotten’ by an organisation, it is their right that the organisation delete all data held on them. Cryoserver’s super fast search and Audited Delete functionalities ensure that data can be found quickly, and a record of its deletion is kept to prove to the subject that their request was carried out.


Data subjects have always been able to request a copy of all the data held on them by an organisation via a Subject Access Request, or Freedom of Information request in the public sector. GDPR has made it easier for subjects to do this, and Cryoserver has been helping both public and private companies fulfil these requests for over 15 years.

Frequently Asked Questions

Does filtering spam prior to Cryoserver affect compliance?

Yes. If you use a system that filters email and either prevents or diverts the passage of emails it considers spam/virus, then it becomes difficult for a company facing litigation to prove that it has a full, forensic record. The purest most ‘forensic’ approach is to set up Cryoserver to capture raw SMTP as it enters the premises BEFORE it gets to you mail server. However, most customers weigh up the balance between absolute forensic compliance and spam avalanches and decide to filter spam/viruses before they get to the mail server and Cryoserver.

If an organisation has outsourced all email, does this affect compliance?

No, but it depends on the standards of your outsourcer. They need to be able to demonstrate to a regulator or a court that they have appropriate data policies that they apply to customer’s data. It is also worth pointing out that the company is still fully liable for any errors or omissions by the outsourcer; the responsibility is on the company to ensure that the outsourcer is managing data compliantly.

Does keeping data for longer than mandated retention periods have legal implications or any other exposure?

Mandated retention periods are almost invariably ‘minimum recommended retention periods’ and therefore a ‘deletion point’ is not defined – you can keep it as long as you want. Exceptions are the Data Protection Act 1998, in which ‘Principle 5’ says personal data may not be kept ‘longer than necessary’, but does not define what this time might be. Companies are therefore required to decide for themselves as part of a formal procedure what their retention period for various types of personal data should be.

How do you prove an email’s integrity?

Cryoserver is configured to ensure that each and every email sent or received by a company (including internal email) is captured. As each message arrives at Cryoserver a digital fingerprint of the entire message is taken which is recorded with the message in an encrypted and compressed format. If a message is retrieved from Cryoserver its digital fingerprint is recalculated (after it has been uncompressed and decrypted) and this is compared with the digital fingerprint recorded when the message was received. It is therefore possible to prove the content of a message has not been tampered with in any way since it was received.

What Compliance does Cryoserver have?

Cryoserver’s complete focus on email archiving provides you with a uniquely flexible solution that saves time on eDiscovery, gives compliance officers peace of mind and makes the help desk’s life easier.