Security and Compliance

Is the CARTO Platform SOC 2 Type II-certified?

Yes. As part of its SOC 2 Type II certification, CARTO undergoes annual auditing of its system and organization controls, performed by an independent, third-party certified auditor.

CARTO’s latest SOC 2 Type II report is available upon request for current customers and prospects. Please visit https://security.carto.com/ to request the latest report.

Yes. CARTO complies with GDPR, CCPA and other data privacy laws where applicable. You can read more about it in our Privacy Policy.

There are three ways for users to access their CARTO accounts:

Single Sign-On (SSO): In this case, your organization will define the password requirements and will leverage all security policies such as rotation, MFA, etc.
Sign in with Google: The password requirements and policies are defined in your Google account preferences, which may be managed by your organization.
Username/Password: CARTO uses Auth0 to securely process the data and enforces sufficient length and complexity standards.

If you're looking for password rotation, expiration or history controls we recommend you integrate Single Sign-On, so that you can set up and leverage your existing company policies.

When we create a connection to CARTO, does it make any copies of our data?

No, CARTO does not make any copies of the data available through your Connections.

CARTO is cloud-native by design, and we have no need to replicate your data — never. Maps, Workflows, and Applications built with CARTO will launch queries against live data in your own data warehouse (BigQuery, Snowflake, Redshift, Databricks, PostgreSQL, etc) and the result of these queries is not stored for further uses, with the exception of a temporal cache layer for performance and cost optimization, that is encrypted and distributed securely. This applies to all kinds of deployments.

How does CARTO manage our data?

To understand how CARTO processes your data we first need to describe the three categories of data that CARTO processes:

Connected Data: This is the data in your data warehouse (BigQuery, Snowflake, Redshift, Databricks, PostgreSQL, etc) that you'll be using in CARTO. As seen above, CARTO does not make any copies of your data. This data is encrypted in transit, and the credentials are never exposed in the frontend.
User-generated Content: These are the map details, workflows, credentials and configurations created by the users in a CARTO organization. User-generated Content is managed by CARTO. We carry out daily backups and encryption, except for self-hosted deployments. It is encrypted at rest and in transit.
Personal Data: This is the additional data needed by the platform to identify and provide service to the user such as settings, contact information, name, etc; User Data is managed by CARTO. We carry out daily backups and encryption, except for self-hosted deployments. It is encrypted at rest and in transit.

Where is my data stored?

Connected Data: Stored in your connected cloud data warehouse, including the result of all analysis done in CARTO.
- If you are using the CARTO Data Warehouse, then it will be stored in the organization's region of choice.
User-generated Content: This data is stored in the organization's region of choice for SaaS deployments. For Self-Hosted deployments this is stored in your Self-Hosted resources.
Personal Data: Personal user data is stored securely in a server in the United States, on the Google Cloud Platform. You can read more about it in our Privacy Policy.

How does CARTO manage security when a map, workflow or an application are shared?

CARTO provides several controls to make sure viewers and editors don't gain unauthorized access to the underlying data of a map, workflow or application.

Editors can create connections to their data by providing credentials that are stored, encrypted, and never exposed in the browser in any case. These connections can then be shared with all editors in the organization (or with specific groups).
- Editors can also require viewer credentials on their connections for added security.
Maps, workflows and applications relying on a connection will stop working as soon as the credentials used are revoked.
Maps, workflows, and applications can be shared with all users within an organization (including viewers), or with specific groups, but this does not grant them access to the connection.
Published maps can be protected with a password for additional security.

PreviousCARTO for Education NextWhat is CARTO?

Last updated 10 days ago