Fintech, how do you measure up to the rest of the industry?
Get the benchmark report →
Mixpanel
Login
Contact Sales
Get Started Free
security
Security Overview
security
Security Overview

Security

Last Updated

Security Overview

Security is one of our biggest priorities here at Mixpanel. On this page we have provided information about the security of your data, our general security practices, and how you can reach a member of the security team if you have questions that haven’t been answered below.

AICPA SOC badgeMoss Adams ISO 27701 CertMoss Adams ISO 27001 Cert

The Mixpanel platform safeguards customer data using a variety of controls:

  • Mixpanel application data is secured in transit using TLS, and encrypted at rest in Mixpanel’s proprietary analytics database format.

  • The Mixpanel application logically separates user data, and access to your data is protected by strong authentication and authorization controls.

  • Mixpanel audits changes to the application throughout the development lifecycle: architecture reviews are performed as well as stringent automated and manual code review processes.

  • Mixpanel monitors application servers, infrastructure, and the Mixpanel network environment to detect potential abuse.

  • Mixpanel maintains a native and active SOC 2 type II attestation and is an ISO 27001 and ISO 27701 certified. The documents are available in our Trust Center.

  • Additionally, our Cloud Service Provider Google regularly undergoes independent verification of security, privacy, and compliance controls against the following standards: ISO/IEC 27001, ISO/IEC 27017, SOC 1, SOC 2, SOC 3, PCI DSS, HIPAA, CSA Star, FedRAMP and many others. Additional details are available here.

European Union’s General Data Protection Regulation (GDPR)

Mixpanel is committed to complying with GDPR so that our customer’s and their end user’s rights and obligations are met under GDPR, which took effect on May 25, 2018. As explained in our GDPR article, we created many tools and implemented new processes to ensure we can assist our customers with their compliance with GDPR requirements. Our customers can programmatically delete end-user data, or submit deletion or export requests via the privacy portal in their account settings. We also help our customers support data subject rights by providing options for data retention periods. For more information on our tools and processes, see our GDPR page.

India’s Digital Personal Data Protection Act (DPDP) & Accompanying Regulations

Mixpanel is committed to complying with India’s DPDP so that our customer’s and their end user’s rights and obligations are met. Mixpanel supports tools and processes to ensure we can assist our customers with their compliance with DPDP requirements and compliance obligations. Our customers can programmatically delete end-user data, or submit deletion or export requests via the privacy portal in their account settings. We also help our customers support data subject rights by providing options for data retention periods. For more information on our tools and processes, see our Privacy Overview page.

General Security Questions

If you have general security questions or concerns, please email us at grc@mixpanel.com.

Mixpanel
Progress is possible
Platform
Use Cases
Teams
Industries
Business Size
Resources
Company
Templates
Compare Us
Prefers reduced motion
©2024 Mixpanel. All rights reserved
Legal
Privacy Program
Security
Your Privacy Rights