Security Compliance

Legal and Security › Security Compliance

Security and trust are top priorities

Grafana Labs maintains high standards of data privacy and security by implementing:

Grafana Labs development includes continuous integration, detailed change management policies, static code analysis and vulnerability analysis.

Securely store, visualize and alert without the headache of scaling or managing your own monitoring stack.

Grafana Cloud is a fully managed observability platform that makes it easy to collect, analyze and alert on metrics and logs all within Grafana.

Grafana Labs is committed to maintaining the highest standards of data privacy and security. By implementing industry-standard security technologies and procedures, we help protect our customers’ data from unauthorized access, use, or disclosure.

Certifications

ISO 27001

Certified through an independent third-party audit with A-LIGN for ISO 27001.

SOC 2 Type 2 Certification

Certified through an independent third-party audit with A-LIGN for SOC 2.

PCI Security Standards Council

Maintains PCI Compliance through third-party approved scanning vendors.

GDPR Compliant

General Data Protection Regulation Data Processor Agreement (DPA) available and DPO.
Requests should be sent to privacy@grafana.com for information.

EU-U.S. and Swiss Privacy Shield Framework

Pending compliance with the EU-U.S. Privacy Shield Framework.
Privacy Shield Listing

Cloud Security Alliance (CSA)

Completed CSA Security Trust Assurance and Risk (STAR) program.
Cloud Security Alliance Registry