Compliance at Postman
We believe in a strong security foundation based on industry standards, compliance, and regulations. Postman adheres to GDPR, CCPA, and other privacy and security regulations to meet your compliance needs.
Compliance Certifications and Regulations
We comply with current industry-standard regulations to ensure the security of our company and customer data.
The SOC2 (System and Organization Controls) Type II report focuses on the security, availability, and confidentiality of a cloud service and is audited annually at Postman.
The SOC3 (System and Organization Controls) report focuses on the security, availability, and confidentiality of a cloud service and is audited annually at Postman.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit card information.
The European Union's General Data Protection Regulation governs data protection and privacy for all individual citizens of the European Union and the European Economic Area.
Frequently Asked Questions
Is Postman audited by a third-party auditor to ensure compliance with their policies?
Yes, we work with third-party compliance auditors, including for our SOC2 (System and Organization Controls) and Microsoft SSPA (Supplier Security and Privacy Assurance) audits.
Is Postman GDPR compliant?
Yes, we are compliant with the European Union's General Data Protection Regulation (GDPR), which governs data protection and privacy for all individuals and citizens of the European Union and the European Economic Area.
Does Postman have a Data Processing Agreement?
Yes, we provide a Data Processing Agreement to customers with a regulatory requirement.
How can I view Postman's SOC 2 and 3 reports?
You can download these reports from our Security Portal.