Vultr Host node uptime

VULTR Control Plane compliance

Current or in Process Attestations and/or Certifications:

  • SOC 2 Type 2
  • PCI-DSS

Vultr network uptime

2023 Compliance Roadmap

Planned Certifications:

  • CSA Star Level 1
  • ISO 27017:2015
  • SOC 2 Type 2

Vultr Compliance

Vultr is committed to meeting our customers' global risk and compliance requirements, including server availability, security, data protection, and privacy. Vultr is in process of a SOC 2 Type 2 attestation by our third party auditors. The attestation will be completed in January 2023 and the SOC 2 Type 2 report will be available in February 2023.
Vultr aligns our hosting services with data centers that are also committed to customer availability, security and privacy (see below). Vultr hosting services are deployed with compliance needs in mind so our customers can deploy their own compliance requirement based solutions (i.e., HIPAA along with executing a Vultr - customer BAA, PCI, etc.) at a geographically dispersed data center with the same compliance frameworks in place so that specific compliance controls can be carved out for the customer.
The Vultr compliance roadmap for 2023 is very aggressive, including ISO/IEC 27001:2013 certification and CSA Star Alliance attestation.
Security and compliance are shared responsibilities between Vultr, our customers, and any third parties who deliver solutions for Vultr. Vultr manages and secures the platform's control plane, networks, and cloud storage; the customer is responsible for their applications, data, middleware, OS, and storage. Additionally, the Vultr Compliance team has stringent policies, processes, and controls for vetting all third parties that may be required to deliver any Vultr product or marketplace solution. For questions regarding compliance, please email grc@vultr.com

Shared Responsibilities Image

Vultr has created US and international privacy policies that align with regulations such as CCPA, GDPR, LGPD, PDPL, and others. In 2023, several new privacy regulations will become active. In response, Vultr is implementing a unified privacy framework aligned to multiple global privacy regulations based on the NIST Privacy Framework. Vultr conducts an annual assessment with an independent legal team to review our privacy policies and controls. See our US and international privacy policies to learn more about how Vultr complies with regulations and discloses information. For any questions regarding privacy at Vultr, please email privacy@vultr.com

Datacenter Compliance

Datacenter SOC 1 Type II SOC 2 Type II ISO 27001 PCI-DSS NIST 800-53 HIPAA
Amsterdam
Atlanta
Bangalore
Chicago
Dallas
Dehli
Frankfurt SOC2 Type I
London SOC2 Type I
Los Angeles
Madrid
Melbourne
Mexico City
Miami
Mumbai
New Jersey
Paris
San Jose
Sao Paulo
Seattle
Seoul
Silicon Valley
Singapore
Stockholm
Sydney
Tokyo
Toronto
Warsaw

Additional resources

Compliance FAQs

FAQ

Are Vultr services GDPR compliant?

Vultr is committed to transparent and secure handling of all personal data on our network. Our processes have gone through an extensive procedural and legal review to ensure we fully meet the requirements set forth in the EU General Data Protection Regulation (GDPR) legislation.

What is Vultr's role with respect to GDPR?

Vultr acts as both a data controller and a data processor. Vultr acts as a data controller for customer information that we collect to process payments and provide customer support. When a customer uses our services to process personal data, Vultr acts as a data processor.

Does Vultr offer a Data Processing Addendum?

If GDPR applies to your organization and you need a DPA to satisfy GDPR requirements, Vultr will provide a DPA for eSignature. Please contact your account manager and/or make a request through the customer support system here.

How can I delete or retrieve the data I have with Vultr?

We've created a step by step document that shows you how to delete all your hosted data in our Vultr Docs section. Please review this guide: https://www.vultr.com/docs/vultr-data-portability-guide/.

Are Vultr services GDPR compliant?

Vultr is committed to transparent and secure handling of all personal data on our network. Our processes have gone through an extensive procedural and legal review to ensure we fully meet the requirements set forth in the EU General Data Protection Regulation (GDPR) legislation.