Security and Privacy

Adjust gives you complete visibility and control over your data.
Our dedicated full-time security team takes care of the confidentiality, availability, and integrity of the data processed and stored by Adjust.
Adjust’s information security management system is regularly audited by a reputable certificate authority TUV Nord, and accredited with ISO/IEC 27001 certification since 2020.

ISO/IEC 27001

The International Organization for Standardization (ISO) 27001:2013 is the international security standard establishing the requirements of a credible and effective information security management system. We are proud to maintain industry best practices providing continued confidentiality, integrity and availability of information as well as legal compliance to our customers.

Download our certificate here

ePrivacy

We’ve been ePrivacy certified since 2015 and have renewed the certificate in 2019. The certification covers the requirements of the General Data Protection Regulation (GDPR) for digital products.

Download our certificate here

GDPR & CCPA

Since the very beginning, we are committed to ensure  that our customers can use our products in compliance with all of the privacy laws. Adjust was GDPR compliant even before the existence of GDPR. We’re proud to say that we’re fully compliant with both GDPR and CCPA.

Adjust and GDPR
Adjust and CCPA
Adjust's general terms and conditions

Privacy Policy

We strongly believe that app users have the rights to transparency, data privacy and information security. That’s why Adjust has published a Privacy Policy that clearly defines what data is collected and how it is used.
Go to Privacy Policy
  • Adjust’s security posture leverages the security strategies of security by design and defense-in-depth, with the aim to reduce the attack surface. One such example is our infrastructure.

  • We improve reliability by operating a geographically distributed infrastructure in partnership with our IAAS provider. Each of our three data centers has been designed with layered security controls and hardware components completely redundant to eliminate single points of failure.

  • More significantly, the absence of traditional cloud platforms and virtualization technologies in our production environment allows us to avoid the exposure to many serious security risks from the very beginning of our asset lifecycle.

  • Our reduced exposure to security risks also explains our concise security accreditation. The more risks you are facing, the more security controls and certifications are needed to guarantee an adequate level of security.

  • Because of that, Adjust doesn’t need a plethora of certifications because our exposure to risks is much more restricted. That’s why ISO/IEC 27001 is enough to undertake effective risk management, tailored to our own business objectives and risk appetite.

Data Security

Adjust is the sole processor of the data it collects for its clients and nobody else has access to it. In other words, all the data Adjust collects on behalf of its clients is processed and stored exclusively on the servers which are in our full control.

Data in transit

Data at rest

Backups

Retention

Security Overview

Adjust is not the typical global SaaS company hosted by public cloud providers.
We instead opted in favor of hosting our infrastructure on bare metal servers in a single tenant environment. This gives us complete transparency in the administration of our systems and an increased capacity for tailoring them to our needs.

Access Control

Personnel Security

Network Security

Operations Security

System Security

Application Layer Security

Logging

Penetration Testing

Contact our Security Team

Keeping clients’ data private and secure is a top priority and a core value to Adjust. We take security, trust, and privacy seriously, so we appreciate the work of security researchers.
Whether you believe you have found a vulnerability in our systems, or you have any questions, feel free to reach out to our Security team at security@adjust.com