SOC 2 Compliance
Security and trust are integral at ClickUp. We have achieved audit
certification for Service Organization Controls (SOC 2) Trust Services Principles, focused on security. Our
continued SOC 2 certification ensures our organizational and technology controls are independently audited at
least annually. Please contact email@example.com
for ClickUp's latest report.
ISO 27001:2013 is considered to be the highest international standard of information security as it relates to customer data. Following an extensive audit process the ISO 27001:2013, ISO 27017:2015, and ISO 27018:2019 certifications confirm that ClickUp meets the highest international standards for security, reliability, quality, and trust. These certifications also prove ClickUp commitment to continuously improving its information security posture. Please contact firstname.lastname@example.org
for ClickUp's ISO certificates.
Data Center Security
ClickUp customer data is hosted by Amazon Web Services (AWS), which is certified SOC 2 Type 2. AWS maintains an impressive list of reports, certifications, and third party assessments to ensure complete and ongoing state-of-the-art data center security
AWS infrastructure is housed in Amazon-controlled data centers throughout the world, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access. More information on AWS data centers and their security controls can be found here
Localized Data Residency
ClickUp customers who are on the Enterprise Plan have the option to host their core Workspace data in ClickUp’s US, European, or Asia Pacific data centers at no additional cost. With ownership over their hosting region, customers can ensure ClickUp meets their data security goals.
ClickUp supports Data Residency through our Amazon Web Services-operated data centers in Ireland (Europe Region), Australia (Asia Pacific Region) and the United States.
ClickUp Data Center Locations
All ClickUp web application communications are encrypted over TLS 1.2,
which cannot be viewed by a third party and is the same level of encryption used by banks and financial
institutions. All data for ClickUp is encrypted at rest using AES-256 encryption.
ClickUp maintains ongoing PCI compliance, abiding by stringent
industry standards for storing, processing and transmitting credit card information online.
ClickUp actively monitors ongoing security, performance and availability
24/7/365. We run automated security testing on an ongoing basis. We also contract a third party for penetration
For more information on ClickUp's Security Policy please see https://clickup.com/terms/security-policy
ClickUp's infrastructure is hosted in a fully redundant, secured
environment, with access restricted to operations support staff only. This allows us to leverage complete
data and access segregation, firewall protection, and other security features.