Trust center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to ClickHouse's Trust center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust center to learn about our security posture and request access to our security documentation.

Compliance

CCPA Logo
CCPA
EU-US DPF Logo
EU-US DPF
GDPR Logo
GDPR
HIPAA Logo
HIPAA
ISO/IEC 27001 Logo
ISO/IEC 27001
ISO/IEC 27001 SoA Logo
ISO/IEC 27001 SoA
PCI DSS Logo
PCI DSS
SOC 2 Type 2 Logo
SOC 2 Type 2

Documents

DOCUMENTSBYOC shared responsibility model
DOCUMENTSClickHouse 2025 Non Resident Tax Form
DOCUMENTSClickHouse W9
DOCUMENTSData processing locations
DOCUMENTSForm 10F
DOCUMENTSNo PE Form - India
DOCUMENTSSecurity cloud responsibility matrix
REPORTSPCI DSS - SAQ A
REPORTSPentest report
REPORTSVulnerability assessment report
COMPLIANCEHIPAA
COMPLIANCEISO/IEC 27001

Risk profile

Data access levelRestricted
Impact levelModerate
Critical dependenceYes
View more

Product security

Audit logging
Data security
Integrations
View more

Reports

PCI DSS - SAQ A
Pentest report
Vulnerability assessment report

Data security

Access monitoring
Data erasure
Data Masking
View more

App security

Responsible disclosure
Bot detection
Secure development training
View more

Legal

Subprocessors
Data processing agreement
Privacy policy
View more

Data privacy

Cookies
Data breach notifications
Employee privacy training
View more

Access control

Data access
Logging
Password security

Infrastructure

Status monitoring
Amazon Web Services
Anti-DDoS
View more

Endpoint security

Disk encryption
Endpoint detection and response
Mobile device management
View more

Network security

IDS/IPS
Security information and event management
Virtual private cloud

Corporate security

Employee training
HR security
Incident Response
View more

Policies

Data classification policy
Information security policy
Operations security policy
View more

Security Grades

Qualys SSL Labs
clickhouse.cloud
A+

BC/DR

Data backup/backup protection
High availability
Knowledge Base (FAQ)
  • Federal: Is there a ClickHouse version that is secured for US Federal compliance?
View more
Trust center Updates

ClickHouse Response to React (CVE-2025-55182) and Next.js (CVE-2025-66478) vulnerabilities

Copy link
Vulnerabilities

ClickHouse Cloud is not impacted by the recently published vulnerabilities affecting React (CVE-2025-55182) and Next.js (CVE-2025-66478). Our security team has completed a thorough investigation and confirmed that our platform does not utilize the specific React Server Components (RSC) configurations required for exploitation. No action is required by our customers.

ClickHouse Response to Shai-Hulud 2.0 Supply Chain Attacks

Copy link
Vulnerabilities

ClickHouse is not affected by the Shai-Hulud 2.0 npm supply chain attack. Our security team has audited our software supply chain and confirmed that our products and infrastructure remain secure. We continue to monitor the situation to ensure ongoing protection for our customers.

If you think you may have discovered a vulnerability, please send us a note.
Report issue