Privacy by design. Security at its core.

Privacy is only as strong as the security protecting it. DataGrail is architected for privacy management, but security is our foundation.

Top Security & Privacy Features

  • Physical Security. All data is stored in AWS in encrypted storage systems. We have no servers on premise.

  • Data Protection. Our customers provision cloud storage in their own environments, with limited permissions granted to DataGrail.

  • Encryption. All data is encrypted at rest using AES-256, and encrypted in transit from VPC to clients via TLS v1.2.

  • Data Recovery. Data is backed up daily with AES-256 encryption, with a Recovery Time Objective (RTO) of 24 hours.

  • Data Ownership. Your data 100% belongs to you. We do not use, sell, or repurpose your data.

  • Vulnerability Management. Penetration tests are performed every 6 months, with any issues handled within a day.

  • Account Security. Two-factor authentication: We support Okta, Google SSO, and other SSO providers.


Bug Bounty Program

Part of DataGrail’s commitment to excellence is our focus on building a secure platform that protects the privacy and integrity of our customer’s data.

Find out how DataGrail can work for your business