At Bird, we serve a diverse range of clients and understand the challenges involved in protecting customer data. Our commitment to security and privacy is demonstrated through our adoption of best practice technical and organizational measures.
This dedication is reflected in our implementation and maintenance of an Information Security Management System, which is certified under ISO/IEC 27001:2022 standard. Additionally, our controls framework is audited against SOC 2 criteria with Type I, Type II and SOC3 reports. Bird goes beyond these certifications by adhering to local laws and regulations, conducting thorough employee screenings, encrypting data, and upholding data subject rights. These efforts ensure the ongoing security, privacy, and reliability of our platforms and services.
If you want to gain access to any of these documents you can email securitydocuments [at] bird.com
ISO/IEC 27001: 2022 Certificate
SOC2 Type I report for Bird Box
ISO/IEC 27001: 2022 Statement of Applicability
SOC2 Type II and SOC3 reports for Email Delivery System
ISO/IEC 27001: 2022 Scope Document - client version
Penetration Test Attestation Letters
Bird Security Policies
(client versions)
Compliance Assessment Package
SOC 2
Compliant

HIPAA
Compliant
GDPR
Compliant
ISO/IEC 27001: 2022
Certified