Skip to main content
We are committed to building a secure and trustworthy platform. As part of that commitment, we are on track to achieve our SOC2 certification by Q4 2025.

Overview

Given that our platform exclusively handles public data and our API does not process any PII or sensitive customer information, we have not prioritized SOC2 certification at this time. However, our enterprise customers, including leading multinational banks, continue to trust and work with us, recognizing the security context of our public-data model and our SOC2–compliant handling of internal systems and infrastructure.

User Data & PII

  • Minimal PII Storage: Brandfetch does not collect or store Personally Identifiable Information (PII) beyond login email addresses for passwordless authentication.
  • Logging: We retain logs for up to 90 days for operational purposes. These may include IP addresses and User-Agent strings, which typically reflect server infrastructure rather than individual users.

API Data Handling

  • Public Data Only: The Brandfetch API strictly processes publicly available data tied to domain names. It does not access, store, or interact with any private or customer-owned data.
  • Data Processing Workflow: Our API indexes, processes, and enhances publicly available brand data, making it accessible for our customers. At no point does the API interact with private data.

Security Measures

  • Data Encryption: We utilize AES-256 encryption for data at-rest and TLS for data in-transit, ensuring end-to-end security.
  • Secure Infrastructure: Our development, staging, and production environments are hosted on Amazon Web Services (AWS), which offers secure, resilient hosting with 24x7 security and compliance certifications.
  • Best Development Practices: Our software development lifecycle adheres to OWASP best practices, incorporating human review processes enhanced by AI to maintain high quality standards.

Contact sales

Have questions about security, want to discuss enterprise usage, or need help optimizing your API integration?
Contact sales with our team to get started.