Certification Reports and Resources
Certification reports
SOC 2 Type II and SOC 3 Type II
DigitalOcean maintains a SOC 2 Type II and SOC 3 Type II certification, issued by our independent auditor, Schellman & Company. By achieving compliance with this globally recognized information security controls framework, DigitalOcean demonstrates a commitment to protecting sensitive customer and company information.
CIS Benchmarks
Through our CIS Foundations and CIS Services Benchmarks, we empower our customers with actionable resources to better secure their infrastructure. And, because CIS Benchmarks are aligned to various security frameworks by design, customers can reference our Benchmarks as a resource for their respective compliance programs.
Global PRP Certification
DigitalOcean maintains compliance with rigorous privacy and data protection standards, as evidenced by our Global Privacy Recognition for Processors (Global PRP) certification. With this certification, DigitalOcean demonstrates our commitment to prioritizing security and confidentiality in data processing operations to maintain trust with our customers.
PCI-DSS
DigitalOcean maintains a Zero-Footprint data policy by way of our PCI-DSS SAQ-A validation. Through our attestation, DigitalOcean commits to not storing, processing, or transmitting cardholder data within our administrative environment.
CSA Self-Assessment
DigitalOcean has achieved Cloud Security Alliance (CSA) STAR Level 1 which addresses fundamental security principles across 16 domains to help cloud customers assess the overall security risk of our services.
Data Center Certifications
| ISO 9001 | ISO 14001 | ISO 22301 | ISO 27001 | ISO 45001 | ISO 50001 | PCI-DSS | SOC 1 Type II | SOC 2 Type II | |
|---|---|---|---|---|---|---|---|---|---|
| AMS2 | |||||||||
| AMS3 | |||||||||
| ATL1 | |||||||||
| BLR1 | |||||||||
| FRA1 | |||||||||
| LON1 | |||||||||
| NYC1 | |||||||||
| NYC2 | |||||||||
| NYC3 | |||||||||
| SFO1 | |||||||||
| SFO2 | |||||||||
| SFO3 | |||||||||
| SGP1 | |||||||||
| SYD1 | |||||||||
| TOR1 |
AMS2
AMS3
ATL1
BLR1
FRA1
LON1
NYC1
NYC2
NYC3
SFO1
SFO2
SFO3
SGP1
SYD1
TOR1
If you have other compliance-related questions, please reach out to trust@digitalocean.com.
Transparency Report
Like all cloud computing companies, we occasionally receive requests from government agencies regarding one of the servers in our network. To protect our customers, our policy is to fully (and transparently) comply with the legal process, provided that it is legally valid with respect to where the data in question resides.
We stand with our customers when governments ask us for data. We don't disclose user content to law enforcement without proper legal process and we inform users about government data requests unless legally prevented. Our transparency reports outline the requests we receive from law enforcement agencies and explain our commitment to being responsible cloud providers.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.