PCI DSS Attestation of Compliance
Start your security review
Search items
ControlK

Vercel is the platform for frontend developers, providing the speed and reliability innovators need to create at the moment of inspiration.

We enable teams to iterate quickly and develop, preview, and ship delightful user experiences. Vercel has zero-configuration support for 35+ frontend frameworks and integrates with your headless content, commerce, or database of choice.

Under Armour-company-logoUnder Armour
HashiCorp-company-logoHashiCorp
Adobe-company-logoAdobe
The Washington Post-company-logoThe Washington Post
Okta-company-logoOkta

Documents

REPORTSHIPAA Report
Trust Center Updates

PCI DSS Attestation of Compliance

Compliance
Copy link

We’re thrilled to announce that we have completed our 2024 Self-Assessment Questionnaire Attestation of Compliance (SAQ-D AOC) for Service Providers. Our SAQ-D AOC is now available for download and includes transitioning to version 4.0. In addition, we have also made available Vercel's Responsibility Matrix for download.

Published at N/A

We’re pleased to announce that we recently completed our Self-Assessment Questionnaire Attestation of Compliance (SAQ-D AOC) for Service Providers! Our SAQ-D AOC report is available for download. For more information, see our blog post at https://vercel.com/blog/pci-compliance-for-ecommerce-teams.

Published at N/A

Subprocessor Update

Subprocessors
Copy link

We have updated Vercel subprocessor list to include ClickHouse Inc. (USA) for Analytics services.

This third-party data processor, engaged by Vercel to provide services in accordance with your instructions, have been evaluated as part of Vercel’s third-party risk management process.

Additionally, we have removed the following subprocessor: MongoDB (USA).

If you have any questions or concerns about these subprocessors changes, please do not hesitate to contact us at privacy@vercel.com.

Published at N/A*

ISO 27001 Certification

Compliance
Copy link

Vercel is pleased to announce that we recently migrated to the ISO 27001:2022 framework! Our updated ISO 27001 certificate is available for download.

Published at N/A

Vercel is pleased to announce that we recently completed our ISO 27001:2013 certification! Our ISO 27001 certificate is available for download. For more information, see our blog post at https://vercel.com/blog/vercel-iso-27001-security.

We also updated our Policies and 2023 SOC 2 Type 2 Report for download.

Published at N/A*

SOC 2 Type 2 Report

Compliance
Copy link

Vercel's 2024 SOC 2 Type 2 report is now available for download. This audit was completed by Schellman and covers our audit period July 1, 2023 to June 30, 2024. We also added our updated policies.

Published at N/A

Vercel's SOC 2 Type 2 report is now available for download. This audit was completed by Schellman and Company LLC and covers our audit period July 1, 2022 to June 30, 2023.

Published at N/A*

Subprocessor Update

Subprocessors
Copy link

Vercel has updated our subprocessor list. We have added the following subprocessor: Civilized Discourse Construction Kit Inc. (USA) for community support and communication services.

This third-party data processor, engaged by Vercel to provide services in accordance with your instructions, has been evaluated as part of Vercel’s third-party risk management process. If you have any questions or concerns about this subprocessor change, please do not hesitate to contact us at privacy@vercel.com.

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo