Security and privacy

Customer privacy and data security are important to us and maintaining your trust is one of our highest priorities

View Privacy Policy Contact Us

SOC 2 Type II certified

SOC 2 is an auditing standard created by the American Institute of Certified Public Accountants (AICPA) that sets compliance standards for a company’s security controls. We’re proud to be SOC 2 Type II certified with an unqualified opinion covering controls around security, confidentiality, and privacy. Our SOC 2 Type II report is available by request on our Enterprise Plan.

HIPAA compliant

HIPAA (Health Insurance Portability and Accountability Act) guides the way companies handle protected health information (PHI) to ensure proper data security. OneSignal provides a platform to support HIPAA compliance. A Business Associate Agreement (BAA) is available to customers by request on our Enterprise Plan.

Data Privacy Framework certified

The EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Frameworks were designed to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union, United Kingdom, and Switzerland to the United States in support of transatlantic commerce.

OneSignal’s Data Privacy Framework Certification is available on their website.

GDPR compliant

In May of 2018, the European Union implemented a law for its citizens called the General Data Privacy Regulations (GDPR). GDPR addresses the transfer of personal data outside the EU and EEA areas.

OneSignal provides the ability for all users to be GDPR compliant, however, you may need to modify your own privacy policy to be covered. Also, GDPR requires organizations to have a written, signed agreement to fulfill GDPR data protection obligations, as explained by Privacy Shield and summarized at Supplemental Principle 10 (Obligatory Contracts for Onward Transfers).

CCPA compliant

The California Consumer Privacy Act (CCPA) is a state statute that is intended to enhance privacy rights and consumer protection for residents of California in the United States. CCPA provides residents with the right to know and control how their personal data is being used by businesses.

OneSignal provides the ability for all users to be CCPA compliant, however, you may need to modify your own privacy policy to be covered.