Hex

Hex

Search the Trust Center...
Ctrl +K

Hex | Trust Center

Everything you need to complete your security review is here. Browse documents, certifications, and compliance details with confidence. Our Trust Center is regularly updated to reflect the latest audit results, and subprocessor disclosures.


Badges

soc2-type-2
SOC 2 Type II
hipaa
HIPAA
pci
PCI
gdpr
GDPR
ccpa
CCPA
eu-us-data-privacy
EU-US DPF
swiss-us-dpf
Swiss-US DPF
uk-extension-to-eu-us-dpf
UK-US DPF

Our Philosophy

Our approach to security is rooted in building trust by embedding robust, industry-leading protections into every layer of our product, infrastructure, and culture. We treat security not as an add-on but as foundational to our mission: safeguarding customer data and enabling confident, compliant data and analytics workflows. By maintaining rigorous third-party validations, minimizing data movement through ephemeral design patterns, enforcing least-privilege access controls, and fostering a security-first culture from onboarding through continuous training, we ensure that our platform remains resilient against evolving threats. Moreover, by embracing transparency, proactive vulnerability disclosure programs (including a private bug bounty), and options for single-tenant deployments that support stringent regulatory requirements, we differentiate Hex from competitors by offering both enterprise-grade trust and flexibility tailored to our customers’ security and compliance needs. 

Reed Loden

Head of Security & IT

Coming Soon

  • 2026: ISO 27001 and ISO 27701

Quick Summary

One or more annual third-party audit(s)

Has a formal mobile device management (MDM) program

Annual third-party penetration testing

Has a disaster recovery plan

Has cyber insurance

Deletes customer data on request

Uses a centralized IAM solution (SSO) to manage employee access


Hex Documents


Trusted by

Reddit
Anthropic
Figma
AWS
Sierra AI
Vercel
Powered by Conveyor, the first end-to-end customer trust platform.
Learn more