Gearset has been audited and certified to the international information security standard ISO/IEC 27001:2013. This certification demonstrates that Gearset has implemented a comprehensive, effective, and continually improving Information Security Management System. Certification involves regular audits to verify our compliance.
Gearset is committed to protecting your privacy. All information you give us is held with the utmost care and security in accordance with the General Data Protection Regulations 2016 (GDPR). For more information, see our GDPR compliance document.
Gearset instances and storage are hosted on Amazon Web Services (AWS), the same data centers that Salesforce and Heroku trust for their computing needs. Gearset offers hosting options in the United States, the European Union, and Australia to allow customers control over data residency. These industry-leading, secure facilities hold the following accreditations: SOC1, SOC2, SOC3, PCI DSS Level 1, ISO 27001, HIPAA and more.
These data centers are protected by the strictest security controls. Physical access to our servers is restricted to authorized personnel only. In addition to this physical security, Gearset's services run on our own VPC (Virtual Private Cloud) inside AWS to further isolate our networks, in accordance with networking and security best practices.