Trust Center Compliance Documents FAQ Updates
Trust Center Overview

Shippo's Trust Center is the central resource for customers, prospects, and auditors to evaluate our security and compliance posture.


Shippo maintains compliance with industry recognized standards including SOC 2 Type II and PCI DSS, validated by independent third-party auditors. Compliance reports and documentation are available upon request through this portal. When new reports are issued, we make them available for customer download following execution of an applicable MNDA.


For security questions not covered here, reach our security team at security@goshippo.com.

Compliance Request Access to Private Documents
2 Results
Documents that summarizes our adherence to laws, regulations, and internal policies, helping ensure transparency, risk management and legal conformity
SOC 2 Type 2
2025
PCI DSS
2026
Documents My Documents
Request Access to Private Documents
Privacy Notice
Data Processing Addendum
Shippo Architecture Diagram
PCI SAQ-A and Attestation of Compliance
2026 SOC 2 Bridge Letter
SOC 2 Type II Report
Access Control
Quarterly Access Reviews
Role-Based Access Control
Multi-Factor Authentication
View More
Infrastructure
Production access restricted
Separate Production Environment
AWS
View More
Network Security
Web Application Firewall
Network Segementation
IDS
Data Security
Backups Enabled
Encryption at Transit
Encryption at Rest
Risk Profile
HostingMajor CSP
Third Party DependenceYES
Vulnerability Assessment and Penetration Testing
Continuous vulnerability scanning
Bug Bounty Program
Annual 3rd Party Penetration Test
View More
Reports
We are happy to provide more details about our reports upon request
Endpoint Security
Threat Detection
Mobile Device Management
Corporate Security
Annual Awareness Training
Background Verification Checks
Documents
Privacy Notice
Data Processing Addendum
Shippo Architecture Diagram
View More
FAQ
Does Shippo have a SOC 2 Type II Report?
Does Shippo encrypt data?
Does Shippo perform penetration testing?
Does Shippo have formally documented policies and procedures?
View More
Trust Center Updates
Shippo 2026 SOC 2 report and bridge letter Published at

Shippo's current SOC 2 type II report is available for request on this trust center. The bridge letter is also available to address the gap period between our observation period ending in November 2026.

Shippo has Attained SOC2 Type2 Compliance Published at

We are proud and excited to announce that the Shippo has achieved SOC 2 Type 2 compliance.

SOC 2 Type 2 compliance requires an ongoing commitment to security and privacy practices and demonstrates our dedication to protecting our customers' data. We have uploaded the SOC 2 Type 2 report to our trust portal for our customers' reference.

Trust Center Launch Published at

Introducing the Shippo Trust Center, our latest initiative for openness in security practices and developments. Here, we will consistently update you on our measures to secure your data, our responses to emerging threats, and our compliance with regulatory standards. Have confidence in our unwavering commitment to the protection of your information and remain updated with the newest advancements in data security.

Have questions or found a bug? Click Contact Support to reach out to us!
Change Password
Enter your current password then type a new secure password for your account.









My Documents
Request Additional Documents
Report An Issue
If you believe you've identified a vulnerability. Please don't hesitate to Reach out us.