Our security program
Security is core to everything we do at Deck. We maintain compliance with SOC 2 Type II, HIPAA, GDPR, and PIPEDA through continuous monitoring, independent audits, and enterprise-grade controls. Browse our policies and reports below.
Compliance
Compliance frameworks currently meets or is working toward to uphold their security and privacy commitments.
SOC 2
Compliant
HIPAA
Compliant
GDPR
Compliant
PCI DSS
Compliant
PIPEDA
Compliant
Resource library
Our security, compliance, and policy documentation, including audit reports.
Deck SOC 2 Type IIFebruary 27, 2026
PCI DSS - 2025April 16, 2026
Deck Penetration Testing ReportFebruary 27, 2026
Business Continuity PlanFebruary 27, 2026
Deck Disaster Recovery PlanFebruary 27, 2026
Subprocessors
Trusted third parties that support our services and may process customer data as part of their function.
Cloudflare
No location specified
GCP
No location specified
Microsoft Azure
No location specified
Pylon
No location specified
Aikido
No location specified