Compliance at Kustomer

Kustomer’s commitment to data privacy and security is embedded in every part of our business. This page outlines the high-level details for several of the frameworks, regulations, and certifications that apply to our company and its products.


GDPR and CCPA

The European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) each create a standard privacy framework to which all compliant businesses must adhere, creating clarity and transparency for individuals.

In compliance with GDPR and CCPA, Kustomer offers a Data Processing Addendum (DPA) to our business customers, who are the data controllers. Among other things, the DPA specifies our obligations and restrictions around our processing activities and provides the legal basis for our processing under the GDPR and CCPA, as well as for cross-border data transfers from the EU.

More information on GDPR and CCPA is available here.


HIPAA

Kustomer helps customers fulfill their HIPAA obligations by providing covered entities and business associates with appropriate security configuration options to safeguard protected health information (PHI). Our Business Associate Agreement (BAA) is available to customers upon request in alignment with HIPAA standards. More information on HIPAA compliance is available here.

Privacy Shield

Kustomer is certified under the EU-U.S. Privacy Shield Framework. The framework provides a method for companies to transfer personal data to the United States from the European Union (EU) in a way that is consistent with EU law. More information on Privacy Shield is available here.


SOC 2

Kustomer maintains compliance with AICPA’s SOC for Service Organizations Trust Services Criteria, commonly known as SOC 2. More information regarding Kustomer Security and SOC 2 compliance is available here.

ISO 27001

Kustomer is certified to ISO 27001, the leading international standard for information security management systems (ISMS). This certification demonstrates our commitment to systematically examining changing security risks and continuously advancing our security protocols. More information on ISO 27001 is available here.
