Data Privacy Compliance
Learn about Deepgram data privacy compliance frameworks and certifications.
Deepgram maintains and meets the requirements for multiple data privacy compliance frameworks and certifications. To request Deepgram compliance documentation, talk to your Account Executive.
Deepgram has achieved SOC 2 Type 1 and Type 2 certification. An independent auditor has evaluated the security controls and procedures we use to protect the data we process in the cloud and has assessed the operational effectiveness of our systems.
Deepgram is GDPR ready. We provide information to our customers to help them understand how features and functionality of our platform may affect their GDPR compliance obligations.
For customers requiring data processing within the European Union, Deepgram provides an EU-specific endpoint at api.eu.deepgram.com. See our Regional Endpoints documentation for more information.
Deepgram is considered a Business Associate as defined by the US HIPAA legislation.
For Deepgram customers who qualify as a Covered Entity under US HIPAA legislation and related legislation and regulations and who provide ePHI (electronic Protected Health Information) to us, Deepgram may qualify as a business associate. We can provide our Business Associate Agreement to such customers upon request.
We are compliant with the California Consumer Privacy Act of 2018 (CCPA), which secures privacy rights for California consumers and gives them more control over the personal information that businesses collect about them. You can view our privacy policy on our website.
We are PCI compliant, and perform a yearly review of our standing within the framework.