Security & Privacy

Your security is AppSignal's priority

AppSignal takes security and data protection very seriously. We have put in place all the necessary and required processes to comply with data protection and privacy legislation.


ISO 27001 certified


GDPR compliant


HIPAA compliant

You can sign a DPA (Data Processing Agreement) digitally via your AppSignal account

With AppSignal, your data is in safe hands. We're ISO 27001 certified. ISO 27001 is a global standard of data protection, meaning all your data stored with AppSignal is protected by rigorous security processes and safe from bad actors.

Security protocols

Our data security toolkit

We've developed a suite of tools and processes to help keep your data secure, from regular pentests to allowing all our users to set up 2FA.

Regular pentests

We regularly conduct penetration tests in line with our ISO 27001 certification.


Add an extra layer of security to your AppSignal account with two-factor authentication.

Encrypted backups

Your data is backed up, encrypted, and stored securely.

Limited data retention

Your metrics and logs are in safe hands; old sample data is regularly destroyed.

Bug bounty

We reward people in the rare case they find a bug in our code.


The only EU-based APM

AppSignal is the only APM with all its sub-processors located in the EU. When choosing AppSignal as your APM, you have the added assurance that your application's data is being handled in compliance with GDPR, and is protected by some of the world's strictest privacy laws.

Data processing agreement

Sign your DPA via your AppSignal account

DPA stands for Data Processing Agreement. Our DPA provides a legal framework for data processing activities and data protection and clearly explains the responsibilities and liabilities of AppSignal and yourself as a customer.