Last updated:

It is critical that everyone in the PostHog team follows these guidelines. We take people not following these rules very seriously - it can put the entire company and all of our users at risk if you do not.

Security policies

We are in the process of obtaining our SOC 2 certification, which has required us to put together a number of (short!) policies to ensure compliance. You will have been invited to Drata to review these and to complete security training as part of your onboarding.

All of our policies can be found in our Drata portal, so this section of the Handbook just serves to make these policies publicly available in case you need to refer back quickly, or if a customer asks. These are only linked as PDFs so we only need to keep the policies up to date in Drata.