Postman Trust Center
More than 20 million users and over 500,000 companies worldwide trust Postman as an API development platform. We have developed a comprehensive set of practices and policies to earn and keep your trust in Postman.
About Trust Center
Our Trust Center provides you with access to information about security, compliance, privacy, and reliability at Postman.
Your data security is important to us. We maintain a security-first culture across our organization and keep security at the core of everything we do.
We believe in a strong security foundation based on industry standards, compliance, and regulations. Postman adheres to GDPR, CCPA, and other privacy and security regulations to meet your compliance needs.
We know how important your data and privacy are to you. At Postman, we have implemented policies and programs to appropriately and securely manage these areas to ensure your peace of mind.
You depend on Postman products for your API lifecycle. We design with reliability in mind so you and your team can use Postman with complete confidence.
Compliance Certifications and Regulations
We comply with industry-standard certifications and regulations to ensure the security of our company and customer data.
General Data Protection Regulation (EU GDPR)
System and Organization Controls (SOC 2 and SOC 3)
Payment Card Industry Data Security Standard (PCI DSS)
Postman Shared Responsibility Model
While we continuously focus on doing our part to maintain high standards for security and complying with regulations, you also have a role to play in helping to ensure the security of your data. It's our responsibility to ensure that Postman products and services are safe and secure to use, and it's your responsibility to follow safe practices with the data you store within Postman.
To learn more about the things we expect our users to be aware of during regular product usage, please read the shared responsibility model guide.
Reach out to Postman Security
Our security team ensures the security of data stored with Postman and helps you keep your APIs secure by providing security-aware features, workshops, and content.
If you find a vulnerability in our service or website or want additional information about our security policies, you can contact us at firstname.lastname@example.org. You can use our PGP public key to encrypt your communications with us.
If you are reporting security vulnerabilities or if you are a security researcher, review our security reporting guidelines and policy.