Reports: Certifiably awesome password management

What is SOC 2?

SOC 2, or Service Organization Control, is an auditing process that ensures service providers securely manage data to protect the interests and privacy of their customers.

A SOC 2 report is undertaken by an independent auditing firm and is intended to provide you with proof that, when it comes to protecting your data, we do what we say.

SOC compliance covers the security, availability, confidentiality and privacy of customer data. Our team worked together with the auditing firm to achieve SOC 2 certification in the following areas:

Security

Ensuring processes are in place that keep our system secure.

Availability

1Password is available for operation and use as committed in our terms of service.

Confidentiality

We can’t read any customer data stored in 1Password. All data on our servers is encrypted, both at rest and in transit, and can only be decrypted locally (on your devices) when you enter your account password.

Privacy

We use your data solely to provide you with services in which you enroll. Our business is providing 1Password products and services to you, our customer. We have no desire or interest to use or transfer the limited data we acquire for any other purposes. See our privacy policy for more info.

We believe strongly that your data is yours and we don't want to know anything about it. This is one of the fundamental beliefs 1Password was built upon. We don't use it, we don't share it, and we don't sell it. You're our customer, not our product.

Dave Teare, Founder of 1Password

Want to know more?

The SOC 2 report solidifies our stance on protecting our customers’ data, keeping it in their control. If you would like a copy of our SOC 2 report, please contact our business team who will be happy to help.

By proceeding, you agree to the Terms of Service and Privacy Notice.