We take the responsibility of helping you manage your customer data seriously. That’s why security and privacy are key focus areas for our organization and product development.
Your data is encrypted at rest and protected by TLS in transit. Your Segment password is hashed using bcrypt, and we manage our production secrets with AWS tools.
Rigorous product design
Our projects pass thorough security-design reviews, threat models, and regular pen tests using trusted security vendors. We also employ a private bug bounty for continuous assessment.
All employees are required to complete security and privacy training. In addition, engineers must complete specialized security training.
Manage access to your account
Centrally manage your policies for access with Single Sign-On (SSO) on the Business plan.
Control visibility with user access levels
Control access to your Sources and Workspaces with fine-grained permissions to manage how your users interact with your data.
As a data processor, adhering to local regulations is only one component of our commitment to privacy. Our higher order mission is to treat you and your customers with the respect you deserve.
Our Data Processing Agreement (DPA) reflects the requirements of the GDPR.
We are certified under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks for user data transfer and storage.
Your data is yours to own. Segment never shares or sells your user data.
Segment has appointed a Data Protection Officer to oversee our ongoing compliance efforts.
Head of Security