ForwardDiscover what's new in our Q1 product update - March 20th   Join us

SOC 2 compliance

More than 4,000 software sellers trust Paddle with their data. We are fully committed to data privacy and security, and have successfully completed Service Organization Control (SOC) 2 Type 2 audit for 2023, following the SOC 2 Type 1 audit in 2021.

This audit is one of the industry's most rigorous security and compliance certifications.It evaluates an organization's controls around data security, availability, processing integrity, confidentiality, and privacy.

The scope of our SOC 2 Type 2 Report includes:

  • Scope: Paddle’s Paddle Platform Services System that was designed and implemented throughout the period July 1, 2022 to December 31, 2022, in accordance with the description criteria.
  • Selected SOC 2 Criteria: Security, Availability and Confidentiality (applicable trust services criteria) set
  • Examination Type: SOC 2 Type 2

What is SOC 2?

The AICPA Service Organization Control (SOC) is one of three reporting standards developed by AICPA and used by service organizations to report on their documented operational and information security policies and procedures.

What is a SOC 2 report?

A SOC 2 audit report provides detailed information and assurance about an organization’s security, availability, processing integrity, confidentiality and privacy controls, based on their compliance with the American Institute of Certified Public Accountants (AICPA) trust services criteria.

How can I request a copy of Paddle’s SOC 2 Type 2 Report?

Paddle’s SOC 2 Type 1 report is available to our existing and prospective sellers who have signed a non-disclosure agreement. You can request a copy through one of the following methods: