Security Standards at Userpilot


Privacy Shield

SOC 2 Type II

Userpilot is a product experience platform that is used by hundreds of teams to deliver in-app experiences to their users. As a vendor that processes millions of data points on a daily basis, we take our customers and their users’ data very seriously. Userpilot takes full responsibility for all data that’s processed through the platform. Our data is fully encrypted, managed, and stored by SOC-compliant vendors such as Amazon AWS and Google Cloud.


All data that is handled and processed through the Userpilot platform is fully secured against unauthorized access. Only authorized Userpilot personnel are allowed to access such data and are required to authenticate themselves whenever such data is accessed.
We have also taken extreme measures to prevent unauthorized access, theft or manipulation of data.
Internal security
Product security
Network and application security
Additional Security features


The Userpilot platform architecture was built to ensure maximum accessibility and uptime. Our APIs are fully separate from our product server, and redundant failover servers are set in place.
Our infrastructure is largely provisioned across AWS, with a small footprint in GCP (Google Cloud Platform), in order to power smaller components in our Userpilot application. Our Amazon infrastructure is contained within Userpilot managed VPCs (Virtual Private Clouds) and provides total isolation from other instances in the same datacenter.
Moreover, all of our data is synced in real-time with multiple backups on a daily basis.


We perform daily backups of all application data in multiple locations. We ensure every instance is fully encrypted and secured.


Commitment to data privacy through initiatives:

GDPR compliance with Userpilot

SOC2 Type II Certification

SOC 2 Type II certification is awarded by an independent auditing body to ensure the security of client data processing by 3rd party service providers. The certification is based on 5 “trust service principles”: security, availability, processing integrity, confidentiality, and privacy
Thanks to SOC2 Type II, you can now be confident that Userpilot:
Current and potential customers of Userpilot can now be sure about its data protection mechanisms quality and can learn all the details from the SOC 2 report, available upon request from [email protected]


To report any issues or request more information, please drop us an email at [email protected]