Statement of Inclusions and Exclusions NCS 7516

NTA 7516 Criteria for Communication Service Providers

August 17, 2020 – Version 1.1

Group Criterion SecuMailer Value
Availability Minimum availability (6.1.2) Yes 99.95%
Maximum downtime duration (6.1.3) Yes 0
Maximum data loss (6.1.4) Yes 0
Integrity Origin verification (6.1.5) Yes eIDAS “Substantial” and “High”
Data integrity (6.1.6) Yes TLS / DANE
Non-repudiation of sender (6.1.7) Yes TLS / SPF / DKIM / DMARC
Sender authorization (6.1.8) Yes TLS / SPF / DKIM / DMARC
Confidentiality Data confidentiality (6.1.9) Yes AES256
Access confidentiality (6.1.10) Yes eIDAS “Substantial” and “High”
Communication confidentiality (6.1.11) Yes TLS / DANE
Legal basis for transmission (6.1.12) No Transmission basis is determined by the sender
International ad-hoc message traffic (6.1.13) Yes EU-based
Usability Continuity of ad-hoc messaging – replies (6.1.14) Yes ESMTP
Continuity of ad-hoc messaging – forwarding (6.1.15) Yes ESMTP
Security as convenience (6.1.16) Yes ESMTP
Readability (6.1.17) Yes ESMTP
Own copy (6.1.18) Yes ESMTP
Interoperability File integration (6.1.19) Partial An API is available
Multi-channel communication (7.2) Yes NTA 7516 Certified

REST API

Developer portal ›

SecuMailer has a REST API for sending secure emails. Both the GDPR and the NTA 7516 functionality are fully accessible via this API.

The API is documented with OpenAPI specification 3.0.1.

The REST API has webhook functionality, which means that the SecuMailer platform can communicate email events with an HTTPS endpoint of the sender.

SMTP API

The SMTP API is usually the simplest integration option for many backend applications because backend applications often have a provision for an SMTP client on board.

We have successfully integrated for customers with Salesforce, SAP and Centric. We have also successfully integrated with patient file systems such as Medisoft Dossier Manager.

GraphQL API

The SecuMailer platform offers insight into email events. This can be done on the basis of a (push) webhook call (see REST API above) and on the basis of a (pull) GraphQL endpoint.

Get a Demo

Name(Required)

Contact Sales

Your Name(Required)

End-to-End Encryption

Confidential email communication with maximum protection

With SecuMailer’s End-to-End Encryption (E2EE), your email communication is secured at the highest level. From sending to receiving, the content remains fully encrypted: only the authenticated recipient can open the message.

Try E2EE now
Contact us
End-to-end encryption

Maximum Security

Emails stay encrypted from sending to delivery, giving you full control over who can and cannot access sensitive information even after you’ve send it.

Simple Compliance

Meet strict standards such as ISO 27001, eIDAS, NTA 7516, and GDPR without adding complex certificate management or extra IT overhead.

Easy at Scale

Recipients authenticate with familiar tools like SMS or DigiD, making secure communication practical for large groups such as citizens and patients.

Why end to end

Why choose end-to-end encryption

SecuMailer’s end-to-end encryption ensures that messages remain encrypted not only during transport but also while stored in the recipient’s mailbox. The sender keeps control at all times, since access can be revoked by withdrawing the encryption key. Even after delivery, a message can no longer be opened once the key is withdrawn. Unlike traditional PKI solutions, decryption takes place directly in the browser, so there is no need for recipients to manage complex certificates. This approach combines strong security with ease of use and ensures compliance with strict standards such as ISO 27001, eIDAS, NTA 7516, and GDPR. It makes it possible to share highly sensitive information at scale with citizens, patients, and clients without technical barriers.

How end-to-end encryption works

With E2EE, messages are encrypted directly on the SecuMailer platform using a unique key. The encrypted email is delivered as an HTML attachment, fully protected end-to-end. Decryption only takes place in the recipient’s browser after successful authentication, for example through SMS or DigiD. This means the content remains completely unreadable until the recipient has proven their identity.

Step 1

You send an email as usual.

Step 2

The content is encrypted and converted into a secure HTML file.

Step 3

The recipient opens the attachment in their browser and authenticates using a national ID solution.

Step 4

The key is securely transferred and the content decrypted.

Want more technical detail?

Explore our documentation

Ready to share large files the secure way?

With SecuFiler, you ensure that your privacy-sensitive documents are delivered securely to the recipient, while you remain in full control.

Get a free demo

See how easy secure emailing can be
Get a free Demo

Prefer to talk first?

We’ll help you explore your best-fit integration.
Talk to our team