Protecting your data with industry-leading practices

The security of your data is our top priority. We are SOC 2 certified and maintain industry-leading security and privacy practices. If you have any specific concerns beyond the scope of this page, please contact us at

In addition to all of the information below, Polinode maintains a Trust Center that you may access to via the button below. Enterprise and Partner customers may request access to our annual 3rd party penetration test and other documents via the Trust Center.
Polinode security diagram including SOC 2 certification.
Security icon
Polinode is AICPA SOC 2 certified and our infrastructure is provided by Amazon Web Services, which is certified for compliance with ISO 27001, ISO 27017, ISO 27018, PCI DSS, as well as audited against the AICPA SOC 2 and AICPA SOC 3 standards. We are hosted in the AWS Ireland region, which typically makes compliance easier for our EU-based customers (or non-EU customers with EU employees). We may also be able to support you in other AWS regions on request.
Padlock icon
Encryption at-rest: all data is encrypted before it is written to disk using AES-256 bit encryption.

HTTPS: all data you exchange with Polinode is transmitted over SSL/TLS. Data we collect from 3rd-party services on your behalf is also fetched over SSL/TLS. If you would like to learn more about how we connect to a specific data source, please contact us.
Padlock icon
Security and penetration testing
Comprehensive testing to ensure the highest levels of security and protection.
3rd-party penetration testing
Comprehensive testing to ensure the highest levels of security and protection.
Automated security scans
We use automated scanning tools to continually scan our application and infrastructure for vulnerabilities, including Amazon Inspector and Drata. We also utilize source-code level scanners to identify vulnerabilities in any dependencies.
Cover page and table of contents for Polinode's Information Security Whitepaper.
Lightning bolt in shield icon
Additional security practices
Ensuring robust security measures to protect your data at every level.
If you require any additional information on our security practices, please contact us at We can provide detailed documentation on our security practices under NDA.
Limit processing to meta-data
We don’t read your email. We only ingest meta-data, ensuring your content remains secure.
Multi-factor authentication
Access to our infrastructure requires strong passwords and multi-factor authentication for added security.
OAuth 2
We use OAuth 2.0 to securely access data from your integrations, allowing you to revoke access anytime.
Separation of environments
We maintain distinct production, staging, and development environments to safeguard your data.
No sensitive payment information stored
Payments are processed through Stripe, ensuring your payment details are never stored.
Security audits
Regular internal audits ensure compliance with our stringent security policies and procedures.
Unlock the hidden insights in your organization
Look past the boxes and lines of traditional org charts and see how your organization actually works.