Security Certifications - Personal and Client Compliance

We keep Cybersecurity and availability at the heart of our products, infrastructure and company policies.

Regulatory Compliance

TuxCare is a division of CloudLinux and we adhere to the following regulatory and compliance standards.

SOC 2 (TYPE II)

CloudLinux’s SOC 2 Type II Report attests to our technical and internal operational controls regarding Cybersecurity and availability. Contact our Support team to read the Report.

PCI DSS

The Payment Card Industry Data Cybersecurity Standards (PCI DSS) certification safeguards cardholder data. CloudLinux complies with PCI DSS for every monetary transaction a customer makes. Contact our Support team to read the Self-Assessment Questionnaire (SAQ).

GDPR

CloudLinux guarantees full compliance with the General Data Protection Regulation (GDPR). Customer data and information are encrypted and accessible only by the customer. CloudLinux users can request deletion of their personal data at any time. Contact our Support team to activate your right of erasure.

HIPAA

CloudLinux complies with the Health Insurance Portability and Accountability Act’s hosting standards for protecting the private health information of our client’s patients.

CCPA

CloudLinux complies with the California Consumers Protection Act (CCPA) requirements, ensuring the protection of personal data and personal privacy when collecting and using customer information.

Protecting your information and privacy

Data Cybersecurity

Through industry-standard data protection, secure infrastructure, and third-party verification, CloudLinux ensures data Cybersecurity across our product ecosystem.

Data Ownership

Your data and information are yours—we do not, and will not, sell or rent your or your team’s information. We don’t help third parties advertise their products to you.

Secure Infrastructure

CloudLinux infrastructure is built to protect your data according to high industry standards.

Data Hosting

CloudLinux hosts data in reputable data centers in US and Europe regions and ensures continual product availability by using native backup tools. Industry-leading infrastructure providers are certified as compliant with ISO 27001 and have received a SOC 2 (Type II) report.

Data Encryption

CloudLinux encrypts all data in transit and at rest. Data transfer is protected using the industry-standard TLS 1.2 protocol, while data at rest is encrypted using AES-256 server-side encryption.

Cybersecurity is embedded in our culture

Maintaining a secure company, product, and infrastructure is top of mind at CloudLinux across teams and departments. Our rigorous Cybersecurity policies and procedures are woven into how we operate as an organization with integrity and ethics.

Dedicated Cybersecurity team

CloudLinux in-house team of Cybersecurity specialists is focused on ensuring Cybersecurity across the company—in our product and infrastructure, as well as in all operations. The team also oversees risk management and standards compliance. Company executives are directly involved in overseeing Cybersecurity strategy.

Internal training & monitoring

CloudLinux employees complete mandatory annual training on a wide range of privacy and Cybersecurity topics.

Access management

CloudLinux adheres to the principle of least privilege—employees’ data access rights are regularly reviewed to ensure only minimum required privileges are granted. All required workstations run on centrally controlled endpoint-management software that enforces Cybersecurity configurations and protection solutions.