At Magento, the security of your commerce data is our highest priority

See why hundreds of thousands of merchants trust us with digital commerce

Trust is the foundation of our relationship with hundreds of thousands of merchants around the world. We value the confidence you’ve put in us and take the responsibility of protecting your information seriously. To be worthy of your trust, we built and will continue to grow Magento with an emphasis on security, compliance, and privacy. 

Shared responsibility security model

Magento Commerce Cloud relies on a shared responsibility security model where merchants and Magento have different areas of responsibility for maintaining the security of your commerce experience. This approach is intended to provide the greatest flexibility for customization and innovation while reducing the operational responsibilities of the merchant. Customers have the ability to customize the Magento application to their heart's extent. At the same time, Magento provides secure managed services on top of Amazon’s industry leading cloud services.  

Learn more   

Secure commerce experiences with control and visibility 

Magento Commerce Cloud is designed to provide multiple layers of protection all the way from an end-user's browser to the content delivery network, the payment integration, the cloud environment, and the core application. We work behind the scenes to protect your stores and empower IT administrators with tools that provide control and visibility. Our robust information security management framework is designed to assess risks and build a culture of security at Magento. 

Learn more

Compliant processes and technology architecture

Compliance is an effective way to validate a service’s trustworthiness. We encourage and expect you to verify that our security practices comply with the most widely accepted standards and regulations in the commerce technology industry like PCI, GDPR, SOC 1 and 2. Our independent third-party auditors test our controls and provide their reports and opinions — which we share with you whenever possible. 

Learn more 

Data privacy and protection

Whether you're concerned about your data as a merchant or your end-user's data, we’re committed to keeping it private. Our Privacy Policy and Privacy Shield Privacy Policy clearly describes how we handle and protect your information. As a further commitment to privacy, we also share the list and details of our third party sub-processors used to provide our services to our customers. 

Learn more