Trust Center

Start your security review
View & download sensitive information
Search items
ControlK

Overview

Welcome to Hootsuite's Trust Center. Our commitment to data privacy and security is embedded in every part of our business.

Our Information Security Management System and program is aligned with the NIST Cybersecurity Framework (CSF), and Hootsuite has a comprehensive suite of security policies based on NIST CSF, NIST 800-53, ISO 27001, SOC 2 Trust Services Criteria, FedRAMP, and GDPR. The security policies are grounded in the key principles of least privilege, need-to-know, least functionality, and segregation of duties, and govern facility, system, and data access. The policies are reviewed and approved by senior management, reviewed by our external auditors, and reviewed annually and updated as required. Our independent annual SOC 2 audit report, ISO 27001 certification and FedRAMP certification provide details on our ISMS and its relationship with the various standards.

Use this portal to learn about our security and privacy posture and request access to our security documentation.

Start your security review
View & download sensitive information

Hootsuite is reviewed and trusted by

Allianz-company-logoAllianz
IKEA-company-logoIKEA
West Midlands Police-company-logoWest Midlands Police
University of Miami-company-logoUniversity of Miami
Bacardi Limited-company-logoBacardi Limited
Live Nation-company-logoLive Nation
Meliá Hotels International-company-logoMeliá Hotels International
Bumble-company-logoBumble
VITAS Healthcare-company-logoVITAS Healthcare
World Resources Institute-company-logoWorld Resources Institute
Interac-company-logoInterac
Save the Children-company-logoSave the Children
eBay-company-logoeBay
Sodexo-company-logoSodexo

Knowledge Base

  • What is the data flow of your service?
  • What is the architecture of your service?
  • Is Hootsuite a processor or controller?
  • What service/product do you provide?
  • What is your location of incorporation?
View more

Trust Center Updates

Certificate of Insurance now available

GeneralCopy link

Hootsuite's updated Certificate of Insurance is now available. Please check out the Documents section of the Trust Center to review and download as needed for your records.

Published at N/A

2024 ISO 27001 Certificate now available

ComplianceCopy link

Hootsuite is excited to share that we have successfully completed our ISO 27001 certification. Please check out the Documents section of the Trust Center to review and download as needed for your records.

Published at N/A

Happy Data Privacy Week!

GeneralCopy link

At Hootsuite, we’ll be celebrating Data Privacy Week (https://staysafeonline.org/programs/data-privacy-week/) by hosting some fun and interactive information sessions for all our employees. Our privacy and security teams will be quizzing our employees’ on their knowledge of privacy and security practices.

During the rest of the year we adopt many other practices, including regular privacy and security training for all our employees; distributing privacy and security news updates; and integrating privacy and security at the highest level of our organization with the establishment of a Privacy Council and an Information Security Steering Committee. We also observe privacy by design principles, including conducting privacy impact assessments and reviews when implementing new product functionality, or new processes, or working with new vendors.

Our dedicated security team also continuously monitors our environment to protect our systems and your data. For more information on how we handle personal information, review our Data Privacy section on our Trust Center. For information about our security practices, check out the Whitepaper, “How Hootsuite Keeps Customer Data Safe”. Our Trust Center is continuously updated so please visit regularly to access the latest reports and updates.

Published at N/A

2023 UK Cyber Essentials certificate now available

ComplianceCopy link

Hootsuite's UK Cyber Essentials certificate is now available for your review. Please check out the Documents section of the Trust Center to review and download as needed for your records.

Published at N/A

2023 VPAT Reports now available

ComplianceCopy link

Hootsuite's VPAT reports are now available for your review. Please check out the Documents section of the Trust Center to review and download as needed for your records.

Published at N/A

2023 MongoDB Security Incident Update

IncidentsCopy link

As you may be aware, a security incident was disclosed by the MongoDB team recently. MongoDB has not found evidence of unauthorized access to their customers' data. Hootsuite did a careful review of our platform and IT infrastructure and determined that we are not currently impacted by this security incident. We will continue to monitor the situation and will post updates on our Trust Center as necessary. Please contact security.support@hootsuite.com if you have questions.

Published at N/A

2023 SOC 2 Reports now available

ComplianceCopy link

Hootsuite's third party led SOC 2 Type II audit reports are now available for your review. Please check out the Documents section of the Trust Center to review and download as needed for your records.

Published at N/A

New Whitepaper now available

GeneralCopy link

Learn about what matters most when it comes to the security of your social media management solution in our latest whitepaper, "How Hootsuite Keeps Customer Data Safe." Please check out the Reports section of the Trust Center to read the document in full.

Published at N/A

2023 Okta Vulnerability Update

VulnerabilitiesCopy link

As you may be aware, vulnerabilities were disclosed by the Okta team recently. Hootsuite did a careful review of our platform and IT infrastructure and determined that we are not currently impacted by this breach. We will continue to monitor the situation and will post updates on our Trust Center as necessary. Please contact security.support@hootsuite.com if you have questions.

Published at N/A

2023 HECVAT now available

ComplianceCopy link

Hootsuite's 2023 HECVAT is now available for your review. Please check out the Documents section of the Trust Center to review and download as needed for your records.

Published at N/A

Certificate of Insurance now available

GeneralCopy link

Hootsuite's updated Certificate of Insurance is now available. Please check out the Documents section of the Trust Center to review and download as needed for your records.

Published at N/A*

2023 Penetration Test Summary Letters now available

ComplianceCopy link

Hootsuite's third party led 2023 Penetration Test Summary Letters are now available for your review. Please check out the Documents section of the Trust Center to review and download as needed for your records.

Please note: for confidentiality reasons we do no distribute or share the full penetration report externally.

Published at N/A*

2023 MOVEit Vulnerabilities Update

VulnerabilitiesCopy link

As you may be aware, vulnerabilities were disclosed by the MOVEit team recently. Hootsuite did a careful review of our platform and IT infrastructure and determined that we are not currently vulnerable to the CVE-2023-34362 and CVE-2023-35036 vulnerabilities that were disclosed on May 31 and June 9, 2023. We will continue to monitor the situation and will post updates on our Trust Center as necessary. Please contact security.support@hootsuite.com if you have questions.

Published at N/A

California Privacy Rights Act (CPRA) Update

GeneralCopy link

The California Privacy Rights Act (CPRA) will come into effect on January 1, 2023. This amends and enhances the existing privacy law (the California Consumer Privacy Act) and it imposes new requirements on customers handling the personal information of Californian residents. We have prepared an Addendum to help our customers comply with these new requirements, and expanded the scope to include other US state privacy laws that are also coming into effect in 2023. Hootsuite's updated DPA is available here: https://hootsuite.com/legal/data-processing-addendum.

Published at N/A*

2022 OpenSSL 3 Vulnerabilities Update

IncidentsCopy link

As you may be aware, two high severity vulnerabilities were disclosed by the OpenSSL team this week. Hootsuite did a careful review of our platform and IT infrastructure and determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022. We will continue to monitor the situation and will post updates on our Trust Center as necessary. Please contact security.support@hootsuite.com if you have questions.

Published at N/A*

Welcome to the Hootsuite Trust Center

GeneralCopy link

As an organization that is security conscious and values security, we are excited to announce the official launch of the Hootsuite Trust Center. By using this portal, you can request access to our compliance documents, review our standardized questionnaires such as the SIG and gain a general understanding of our security & privacy posture.

Over time, our team will be making changes to this portal as we implement new tools and processes in our environment. You can use the Subscribe button to receive email notifications for when our team has an important update, such as if we have an updated compliance report or if we have a status update regarding a major security vulnerability that has been recently discovered.

-Your Hootsuite Security Support Team

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo