Postman Trust Center
More than 20 million developers and 500,000 organizations world-wide trust Postman as an API platform. We've created comprehensive practices and policies to earn and keep your trust.
Trust your APIs
The Postman Trust Center provides information on our product security, privacy, compliance, and reliability. We aim to give you transparency about our practices and policies in place to ensure a secure corporate environment.
Your data security is important to us. We maintain a security-first culture across our organization and keep security at the core of everything we do.
We believe in a strong security foundation based on industry standards, compliance, and regulations. Postman adheres to GDPR, CCPA, and other privacy and security regulations to meet your compliance needs.
We know how important your data and privacy are to you. At Postman, we have implemented policies and programs to appropriately and securely manage these areas to ensure your peace of mind.
You depend on Postman products for your API lifecycle. We design with reliability in mind so you and your team can use Postman with complete confidence.
Compliance certifications and regulations
We comply with industry-standard certifications and regulations to ensure the security of our company and customer data.
General Data Protection Regulation (EU GDPR)
System & Organization Controls (SOC 2 & SOC 3)
Payment Card Industry Data Security Standard (PCI DSS)
CSA STAR Level One
Postman shared responsibility model
While we continuously focus on doing our part to maintain high standards for security and complying with regulations, you also have a role to play in helping to ensure the security of your data. It's our responsibility to ensure that Postman products and services are safe and secure to use, and it's your responsibility to follow safe practices with the data you store within Postman.
To learn more about the things we expect our users to be aware of during regular product usage, please read the shared responsibility model guide.
Reach out to Postman Security
Our security team ensures the security of data stored with Postman and helps you keep your APIs secure by providing security-aware features, workshops, and content.
If you find a vulnerability in our service or website or want additional information about our security policies, you can contact us at firstname.lastname@example.org. You can use our PGP public key to encrypt your communications with us.
If you are reporting security vulnerabilities or if you are a security researcher, review our security reporting guidelines and policy.