Is Upstash SOC2 Compliant?

Upstash Redis databases under Pro and Enterprise support plans are SOC2 compliant. Check our trust page for details.

Is Upstash ISO-27001 Compliant?

We are in process of getting this certification. Contact us (support@upstash.com) to learn about the expected date.

Is Upstash GDPR Compliant?

Yes. For more information, see our Privacy Policy. We acquire DPAs from each subcontractor that we work with.

Is Upstash HIPAA Compliant?

We are in process of getting this certification. Contact us (support@upstash.com) to learn about the expected date.

Is Upstash PCI Compliant?

Upstash does not store personal credit card information. We use Stripe for payment processing. Stripe is a certified PCI Service Provider Level 1, which is the highest level of certification in the payments industry.

Does Upstash conduct vulnerability scanning and penetration tests?

Yes, we use third party tools and work with pen testers. We share the results with Enterprise customers. Contact us (support@upstash.com) for more information.

Does Upstash take backups?

Yes, we take regular snapshots of the data cluster to the AWS S3 platform.

Does Upstash encrypt data?

Customers can enable TLS when creating a database or cluster, and we recommend this for production environments. Additionally, we encrypt data at rest upon customer request.