(last updated April 13, 2021)
Scalyr’s Commitment to Security and Privacy
Scalyr is committed to achieving and preserving the trust of our customers. Our comprehensive security and privacy program carefully considers data protection and privacy across our products and services, including data submitted by customers to our online service.
Security Assessments and Compliance
Scalyr’s physical infrastructure is hosted within Amazon’s US and EU secure data centers using Amazon Web Services (AWS). Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
We use PCI-DSS-compliant payment processor Stripe for encrypting and processing credit card payments.
Service Organization Controls (SOC) exist to validate a company’s controls and ensure industry standards are followed. Our SOC 2 Type I report was prepared in accordance with the Statement on Standards for Attestation Engagements No. 18 (a.k.a SSAE 18) and documents operational policies and procedures for Scalyr’s system of internal controls. Scalyr is compliant with Service Organization Control 2 (SOC 2 ) standards. Scalyr provides its customers with a SOC 2 type 2 report. This report addresses controls relevant to security, availability, confidentiality.
Security and Privacy Documentation
To complete a DPA or obtain details about Scalyr’s sub-processors or Technical and Organizational Measures, please contact us at firstname.lastname@example.org