Trust center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Overview

Welcome to ClickHouse's Trust center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust center to learn about our security posture and request access to our security documentation.

Compliance

CCPA Logo
CCPA
EU-US DPF Logo
EU-US DPF
GDPR Logo
GDPR
HIPAA Logo
HIPAA
ISO 27001 Logo
ISO 27001
ISO 27001 SoA Logo
ISO 27001 SoA
PCI DSS Logo
PCI DSS
SOC 2 Type 2 Logo
SOC 2 Type 2

Documents

REPORTSPCI DSS - SAQ A
REPORTSPentest report
REPORTSVulnerability assessment report
COMPLIANCEHIPAA
COMPLIANCEISO 27001
COMPLIANCEISO 27001 SoA
COMPLIANCEPCI DSS
COMPLIANCESOC 2 Type 2
PRODUCT SECURITYProduct architecture
APP SECURITYSoftware Bill of Materials (SBOM)
DATA PRIVACYTransfer impact assessment
POLICIESData classification policy

Risk profile

Data access levelRestricted
Impact levelModerate
Critical dependenceYes
View more

Product security

Audit logging
Data security
Integrations
View more

Reports

PCI DSS - SAQ A
Pentest report
Vulnerability assessment report

Data security

Access monitoring
Data erasure
Encryption-at-rest
View more

App security

Responsible disclosure
Bot detection
Secure development training
View more

Legal

Subprocessors
Data processing agreement
Privacy policy
View more

Data privacy

Cookies
Data breach notifications
Employee privacy training
View more

Access control

Data access
Logging
Password security

Infrastructure

Status monitoring
Amazon Web Services
Anti-DDoS
View more

Endpoint security

Disk encryption
Endpoint detection and response
Mobile device management
View more

Network security

IDS/IPS
Security information and event management
Virtual private cloud

Corporate security

Employee training
HR security
Incident Response
View more

Policies

Data classification policy
Information security policy
Operations security policy
View more

Security Grades

SecurityScorecard
ClickHouse Cloud
Security Scorecard A grade
Qualys SSL Labs
clickhouse.cloud
A+
Security Headers
clickhouse.cloud
A

BC/DR

Data backup/backup protection
High availability
Knowledge Base (FAQ)
    Federal: Is there a ClickHouse version that is secured for US Federal compliance?
View more
Trust center Updates

2025 SOC 2 Update

Copy link
Compliance
April 25, 2025

We are excited to announce the availability of our 2025 SOC 2 Type II report and US Data Privacy Framework (DPF) self-certification.

We renewed our SOC 2 Type II early to include additions to our product offerings including HIPAA on AWS and GCP, and Bring Your Own Cloud (BYOC) on AWS. This report also extends to include all five (5) Trust Services Criteria; security, availability and processing integrity of our systems and confidentiality and (NEW) privacy of information processed by our systems.

For more information on SOC 2, check out SOC 2 - SOC for Service Organizations: Trust Services Criteria issued by the American Institute of Certified Public Accountants (AICPA) and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule from the U.S. Department of Health and Human Services.

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Built onSafeBase by Drata Logo