Customer Trust

Fastly maintains transparent and ethical practices.

Trust is a crucial factor in the success of your need to feel assured that your personal information, financial details, and overall online experience are safe and dependable. To learn more about Fastly’s security and compliance, legal terms, privacy, and corporate values and ethics, please visit the resources below.

Hero image
Safeguarding data

Privacy & data protection

Privacy and data protection are a vital aspect of our digital landscape, encompassing measures and practices aimed at safeguarding sensitive information from unauthorized access, use, or disclosure. Fastly plays a crucial role in providing data protection by implementing various mechanisms and safeguards.

PCI compliance

How Fastly enhances PCI compliance

Fastly's infrastructure is designed to meet the rigorous requirements of Payment Card Industry Data Security Standard (PCI DSS) compliance, ensuring that your data remains protected during online transactions. By leveraging Fastly's CDN services in coordination with your configuration of the services, you can confidently deliver your content while adhering to PCI DSS regulations, safeguarding sensitive payment information and maintaining a secure online environment for your customers.

Comprehensive security program


Fastly operates a comprehensive information security program that includes administrative, physical, and technical safeguards to protect our infrastructure, data, services, and customers. The foundation of Fastly's security program is based on the NIST Cybersecurity Framework consisting of annually reviewed security policies, designated roles and responsibilities for our experienced professionals, and formal procedures developed focused on risk.

Regulatory and audit standards


Fastly believes in providing the right security for its customers and regularly measuring our security program. We maintain audits and supporting documentation for the following regulatory and audit standards - ISO/IEC 27001:2013, SOC 2 Type 2, GDPR, PCI DSS, and HIPAA.