Dataloop Security and Privacy



SOC2 Type I

SOC2 Type II

ISO 27001

ISO 27001

Dataloop is an enterprise-grade data engine that ensures the highest data standards across your entire data organization, allowing cross-functional collaboration while keeping your data access internal. Helping your teams build and deploy deep learning data pipelines with unlimited scalability and control.

The following outlines our key security and privacy measures in order to ensure all customers’ data remain private and protected, at all times:

Group 12


We deploy custom authentication and role permission enforcement using advanced Kubernetes-powered infrastructure for on-premises or private storage deployments. Our authentication and authorization system is based on Auth0 (, an industry-leading identity management platform. The goal of our user access policies is to allow organizations to implement rules-based access that works towards the principle of least privilege.

Group 30


Dataloop complies with the GDPR ensuring that personal data is properly collected, stored, and documented. All new vendors, assets, and activities pertaining to processing personal data are subject to review of privacy and security. As new privacy and security laws that follow the GDPR’s lead are regularly being passed into law globally, we take a stringent approach to data privacy and security for all data, regardless of its source location, to meet any similar requirements, no matter their origin.

Group 14 Copy


ISO/IEC/SOC2 Certifications

Dataloop has received ISO/IEC- 27001:2013 & ISO/IEC 27701:2019 by The Standards Institution of Israel. In addition, Dataloop is SOC2 Type II certified.

GDPR Compliant

Dataloop is compliant with the GDPR regulations and has an appointed as a representative (according to Art. 27 GDPR). This provides an easy way to submit privacy-related requests like requests to access or erase any personal data.

Group 12


We provide full encryption in order to keep your data constantly safe, compliant with military-grade security standards, and certified by comprehensive system audits. HTTPS is encrypted in order to increase the security of data transfer. Any user information, including login credentials, passwords, and storage access keys remain private and secured. To incentivize making security a top priority, Dataloop offers a bugs-bounty program in which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities. Dataloop also uses state-of-the-art firewalls and communication protocols. All external communications to and from our services can only be made via port 80/443 and are SSL/TLS encrypted. All communications to 3rd party services (Auth0, mailing services, etc.) outside of our cluster are routed using VPC tunneling.

© Dataloop Ltd. 2023