At CloudCannon, security is important to us. We are always looking for ways to improve our product and a big part of that is security. This includes our product and the way our people conduct themselves to achieve the entire experience.


CloudCannon is currently working towards SOC2 compliance as a priority for 2022. In the meantime, Enterprise customers can work directly with our Information Security team.

For payments we use Stripe which is a certified Level 1 Service Provider. CloudCannon does not store any raw payment details.


CloudCannon works hard to ensure the app is GDPR compliant. For a list of subprocessors you can review our GDPR policy. Once an account, site or project is removed, all associated data are immediately removed.


Your privacy is critically important to us. At CloudCannon we have a few fundamental principles:

  • We don’t ask you for personal information unless we truly need it.
  • We don’t share your personal information with anyone except to comply with the law, develop our products, or protect our rights.
  • We don’t store personal information on our servers unless required for the on-going operation of one of our services.

Read more in our privacy policy and if you have any concerns, please share them with us.

External pen testing

CloudCannon hires a 3rd party to run penetration tests at least annually. We use scanning tools to monitor and detect vulnerabilities. CloudCannon periodically runs a bug bounty program. The Bug Bounty Program is currently available; it is important to follow the guidelines stipulated.


If you need anything else, please contact