Help center
/
Account & billing
/
Account
/
Security

Set a Security Contact for your Klaviyo account

Estimated 2 minute read
|
Updated May 18, 2026, 12:00 AM EST

Overview

The Security Contact lets your company designate a specific account Admin as the primary point of contact for security-related communications from Klaviyo - such as breach alerts, suspicious activity warnings, and compliance requests.

By default, every Klaviyo account automatically has the account Owner set as the Security Contact. This means every account already has a Security Contact configured, even if you've never set one up yourself. If you'd like a different Admin to receive security communications, you can update this at any time.

Who can be set as a Security Contact

A user can be designated as Security Contact if they meet all of the following criteria:

  • Their role is Admin or Owner, or has Account Settings edit permission
  • Their account is active
  • They have logged in within the last 365 days
  • They are not in a blocked staff role

There is no billing tier restriction - this feature is available on free and paid accounts.

How to set a Security Contact

  1. Navigate to Account > Settings > Security.
  2. Locate the Security Contact field.
  3. Search for and select the Admin or Owner you want to designate.
  4. Save your changes.

The Security Contact field is visible and editable by Admins and Owners. Users with lower roles will not see or be able to edit this field.

What happens when the Security Contact changes

When a Security Contact is updated, both the previous contact and the newly assigned contact receive an email notification informing them of the change.

Default behavior and automatic validation

Klaviyo automatically assigns the account Owner as the Security Contact on all new and existing accounts. If you have not manually configured a Security Contact, your Owner is already set as the default.

Klaviyo also runs periodic background checks to validate the assigned Security Contact. If the contact becomes invalid (for example, if their account is deactivated) Klaviyo will automatically revert the Security Contact to the account Owner.

What to expect in the future

The Security Contact feature is new to the Klaviyo Platform. Currently, no specific notifications are sent to this contact. In the future, Klaviyo will begin routing specific security notifications to the Security Contact, including:

  • Warnings of suspicious account activity
  • Alerts for abnormal login attempts
  • Prompts to take security actions, such as rotating exposed API keys

Additional resources

Was this article helpful?
Use this form only for article feedback. Learn how to contact support.

Explore more from Klaviyo

Community
Connect with peers, partners, and Klaviyo experts to find inspiration, share insights, and get answers to all of your questions.
Visit Community
Partners
Hire a Klaviyo-certified expert to help you with a specific task, or for ongoing marketing management.
Hire a partner
Support

Access support through your account.

Email support (free trial and paid accounts) Available 24/7

Chat/virtual assistance
 Availability varies by location and plan type

Log in