Trust Center
Keeping your data secure is our highest priority. Here’s what we do to protect it.
Security Compliance
At TransferHub, data security is our highest priority. We ensure that data remains protected from unauthorized access and is readily available when needed by employing best practices and adhering to industry standards in security and privacy.
SOC 2
We undergo regular third-party audits as a part of our SOC 2 Type I compliance program. A copy of our most recent SOC 2 Type 1 report is available to clients upon request.

Downloads:
The following links are the up to date version of these documents.
Our Security FAQ provides comprehensive answers to common questions about how TransferHub ensures compliance, manages risk, and protects customer data. Learn about our regulatory compliance, independent audits, data encryption practices, incident management, and platform security. We also cover risk assessments, employee training, identity management, and how we maintain secure, high-availability systems. For further inquiries, reach out to us at security@transferhub.io.
Our Support Policy outlines the service and support provided for TransferHub’s platform, including incident severity levels, response times, and resolution goals. It guarantees 99.5% service availability for production environments, with guidelines on service credits for downtime. The policy also includes limitations on certain aspects of the service, such as file size restrictions and other usage limits.
Our Privacy Policy outlines how TransferHub collects, uses, and protects your personal data. It details the categories of data we collect, how we use that information, and your rights regarding your data, including access, correction, and deletion. We are committed to maintaining the security and privacy of your data in compliance with applicable laws. For more information, please contact support@transferhub.io.
TransferHub’s Data Integrity Policies emphasize the protection and availability of data, ensuring it is secure from unauthorized access. Hosted on AWS and aligned with best practices, the system supports GDPR compliance and allows data storage in the U.S. or EU. Data is encrypted both in transit and at rest, with access restricted to authenticated users through strong identity controls. The infrastructure is protected by firewalls and secure networks, and all activity is logged and monitored for suspicious behavior. Regular security updates, vulnerability assessments, and disaster recovery measures help maintain data integrity.