Developers using Convex are entrusting us with their most imporant assets—their users' data. Accordingly, security is of the utmost importance to our team.
Convex is SOC 2 Type I compliant, demonstrating our dedication to the highest security and privacy standards for your data’s safe management, ensuring robust protection against unauthorized access and data breaches.
Convex is hosted on AWS, which is certified for SOC 2 Type II, ISO 9001, GDPR, HIPAA, FedRamp, and numerous other standards.
If you believe you've discovered a bug in Convex's security, please get in touch at security@convex.dev and we'll get back to you within 24 hours. We request that you not publicly disclose the issue until we have had a chance to address it.