DigitalOcean is certified in the international standard ISO/IEC 27001:2013. By achieving compliance with this globally recognized information security controls framework, audited by a third-party, DigitalOcean has demonstrated a commitment to protecting sensitive customer and company information. That commitment doesn’t end with a compliance framework, but is necessary baseline for security. Our ISO/IEC 27001:2013 certificate can be viewed here.
We are an active participate in and comply with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce and the European Commission. The framework provides DigitalOcean a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.
All of our data centers are independently audited and/or certified by various internationally-recognized attestation and certification compliance standards. Many of the SOC reports and certifications listed below are available if a signed NDA is in place between DigitalOcean and our customer.
Below is the list of our datacenters and the associated most commonly requested attestations/certifications. To request an NDA for a SOC report/certificate listed below, or if you have any other compliance-related questions please contact our Customer Support team here.
|Datacenter||SOC 1 Type II||SOC 2 Type II||ISO/IEC 27001:2013||PCI-DSS|