Security & privacy at airfocus

At airfocus, we protect your data with industry-leading security structures and practices. Thousands of the world's most innovative companies trust airfocus to keep their data safe.

Why do thousands of companies trust airfocus?

We earn trust from our users by providing industry-leading security standards.
airfocus covers the following:


Security is in our DNA. We are committed to keeping our customers' data secure by adhering to the strictest security measures
available on the market, so you can be sure that your data is kept safe with us at all times.

airfocus is ISO 27001 certified

We have a comprehensive Information Security Management System in place that is ISO/IEC 27001:2013 certified. the world's leading standard for information security management. Our physical infrastructure is hosted on highly secure data centers that are ISO 27001 and SOC 2 Type II certified.

Data storage and encryption at rest

We encrypt data at rest using an industry-standard AES encryption algorithm. All user passwords are hashed with a PBKDF2-based robust hashing algorithm and individual salts per password.

Data encryption in transit

All communication between airfocus servers and the client browser is secured using the industry standard Transport Layer Security (TLS). Only the most relevant and secure level of TLS is accepted by airfocus (currently 1.2). We have an A+ rating in the SSL Labs security report. See this SSL report for more information.

Product security & SAML/SSO

airfocus offers a robust set of in-product data protection and admin controls (admin, editor, contributor, and viewers, as well as workspace permissions). Enterprise admins can securely deploy airfocus to their organizations with Single Sign-On (SSO).

Credit card & payment security

We do not store any credit card information or related personal information on our servers or process payments. All payments are processed through our partner Stripe.

Annual penetration tests

Our infrastructure, web applications, and APIs are penetration tested and certified annually by external independent parties.

Security FAQs

Who carries out the ISO 27001 certification?
The certification is carried out by an independent auditor. You can download our ISO 27001 certificate here.
Do you have dedicated Single Sign-On integrations?
Yes. We have dedicated Single Sign-On integrations available for Microsoft Azure DevOps, Google Cloud, and Okta. Alternatively, you can set up customer SAML SSO with any Identity Provider (IDP) of your choosing.
How do we handle payments?
We use Stripe to handle payments. Stripe is a leading global payments system provider and enforces stringent PCI DSS (Payment Card Industry) compliance criteria to ensure that any data stored and/or processed on its servers is handled in a secure way. Details about their security can be found here.

Reliability & availability

We offer full transparency into system status and performance.


airfocus offers 24/7 priority support and up to 99.9% uptime commitment to Enterprise customers. Real-time and historical platform available is provided transparently here.

Business continuity

airfocus' infrastructure maintains business continuity and ensures to provide daily backups in separate data centers and disaster recovery plans for restoring services in the event of unavoidable failures.

Privacy & data protection

We have a comprehensive privacy compliance program that aligns our practices
with regulations such as the General Data Protection Regulation.

Privacy policy

Our privacy policy is designed to ensure that your data is always protected. You can read more about our privacy policy here.

Data processing agreement

Find our Data Processing Agreement here.

Data residency

airfocus offers multiple data residency options to Enterprise clients to ensure customers have more control over where their data is stored.

Data governance

Your data is yours. airfocus allows customers to manage, export, and delete data at the organization level.


airfocus adheres to global privacy laws and security standards
with measures in place to help you meet your compliance obligations.


Data protection & privacy rights for EU residents.


Privacy rights and customer protection for California residents.

ISO/IEC 27001:2013

Leading global standard for information security management systems.

Modular product management platform

Join thousands of teams who use our flexible platform to build products that matter.

Try for free

Book a demo

Top rated
on major review platforms
airfocus is where teams build great products. Welcome home 💙
All rights reserved.