We use cookies to ensure you get the best experience on our website.

Cookie settings

Analytics

Marketing

Necessary

Privacy policy
Sign in
Start for free
Security and protection illustration

Secure by default

Keeping you and your customers protected

Security is the center of everything we build and do – so we make sure our processes and systems are designed to protect our users.


Take a deeper look at our security policy and documentation

The highest levels of compliance

We take data security incredibly seriously. We want you to trust us and our systems, which is why we’ve sought external certification to ensure our technology infrastructure and your data is kept secure.

ISO 27001

Kinde holds a certificate of registration for ISO 27001 and maintains an information security management system (ISMS) with a dedicated internal security team.

SOC 2

Kinde has completed a SOC 2 Type 2 with report and attestation from AssuranceLab. Reach out to our team if a copy of our report is required.

HIPAA

Kinde is HIPAA compliant and supports our customers as a Business Associate. For Enterprise customers, our team can ensure a Business Associate Agreement is in place before work begins.

GDPR

Kinde is compliant with the GDPR and supports our customers by maintaining strict privacy principles as a Data Processor.

Learn more about our compliance certifications

Secure by protocol

We believe in leveraging standards and protocols to help create consistency, protection and trust. Kinde is built from the ground up using the best in class security protocols

OAuth 2.0

We work well with everyone else and keep everyone’s information safe.

TLS 1.2+

Data is kept private and integrity is retained.

CSRF

We prevent cross site forgery attacks on your information.

DMARC

Brings together DKIM and SPF to make sure our email is safe and can't be faked.

DNSSEC

Authenticates DNS requests and prevent attacks.

CSP

We employ a strict CSP policy for referenced, inline scripts, and referenced CSS.

Privacy protection to the max

We’ve done everything to make sure that you don’t have to worry about the privacy of your data when it’s in our care.

Private by design

It’s simple. You always own your data and we will never sell it to third parties. Period.

Manage users

You have the ability to grant, edit and revoke access to your team and to the organizations using your product.

SSO support

We support a variety of social SSO providers as well as custom providers. Which means your customers can keep their data in places they already know and trust.

Encryption in-transit and at-rest

Our systems are designed for encryption at rest using AES256 and in transit with a minimum of TLS 1.2.

Take a deeper look at our privacy policy

Report a security vulnerability

If you have detected a security threat or vulnerability against Kinde systems or personnel, please reach out to your account manager or security@kinde.com

Learn more about reporting security vulnerabilities