GraphCMS Achieves SOC 2 Type 1 Compliance

GraphCMS is pleased to announce we have achieved SOC 2 Type 1 Compliance to demonstrate our commitment to security and protecting customer data.

Alexander Naydenov
Daniel Winter
Alex & Daniel
soc2-type1-audit-completion

We’re proud to announce that we have successfully completed the SOC 2 Type 1 audit. Completing the SOC 2 Type 1 audit is key for companies wanting to ensure their customers’ data is managed with the highest security standards and are continuously monitored to ensure those standards are maintained.

We chose to undertake this rigorous process because of our commitment to ensuring that we adhere to the latest security and data protection standards.

Security and data protection of our users are critical to the mission of GraphCMS and we aim to ensure that customer data is protected with the latest standards of security. SOC 2 Reports meet these standards and demonstrate that GraphCMS views security of data as a high priority. Customers relying on GraphCMS to power their most valuable digital products include the Government of Finland, Samsung, Dr. Oetker, Sennheiser, Shure and others.

SOC 2 is an extensive audit that ensures that a company is handling customer data securely to protect both, the organization, and the privacy of its customers. Combined with Drata’s automated platform that continuously monitors the security and compliance of the company across the system. Enterprise customers look to GraphCMS to meet their content and data needs and it is essential that the most current security standards ensure that cloud-centric services can safely protect their data.

“We’re committed to ensuring higher standards on security and compliance for our customers to give them the peace of mind when trusting GraphCMS with their content. We look forward to further enhancing our capabilities in this area over the coming months as security comes into the forefront of our product decisions.” - Daniel Winter, CTO and Founder, GraphCMS

GraphCMS worked with Barr Advisory to perform the audit which confirms that GraphCMS’s security practices, policies, procedures, and operations meet the SOC 2 Trust Service Criteria for security. We are happy that we have completed the SOC 2 Type 1 Attestation Report and look forward to continuing to evaluate security approaches in the future.

If you are curious to learn more about our latest approaches to security and data privacy, please reach out to discuss in more detail.


  • Alex Naydenov
  • Daniel Winter
  • Alex Naydenov

    Head of Sales

    Alex is the Head of Sales of GraphCMS. Previously he's also been a co-founder of the science communication platform Paperhive, and has appeared on the Forbes 30 under 30 Europe list for Social Entrepreneurs.

  • Daniel Winter

    Co-Founder & CTO

    Daniel is the Co-founder and CTO at GraphCMS.

  • Previous
  • 1
  • 2
  • Next

Related articles

It's Easy To Get Started

GraphCMS plans are flexibly suited to accommodate your growth. Get started for free, or request a demo to discuss larger projects with more complex needs