WSO2 Data Privacy and Protection
At WSO2, we are committed to safeguarding your data, respecting your privacy, and maintaining the highest standards of trust across our products and services. This page provides a transparent view of how we collect, use, store, and protect your information. Our privacy and data protection practices align with global regulations and industry-leading frameworks, ensuring your data remains secure and your rights are fully respected.
Our commitment to
privacy and security
WSO2 is dedicated to upholding the highest standards of privacy and data protection across all our products, services, and customer engagements. We recognize that trust is earned through transparency, responsible data practices, and strong security foundations.
Our commitment begins with a privacy-by-design and security-by-default approach, ensuring that data protection principles are embedded into every stage of our technology development and operational processes. We align our practices with global privacy regulations, industry frameworks, and recognized certifications to ensure consistent and reliable safeguards for our customers around the world.
We continuously evaluate emerging regulatory requirements, strengthen our controls, and adopt best practices to protect the confidentiality, integrity, and availability of personal data. Above all, we are committed to giving our customers clear choices, meaningful transparency, and the confidence that their information is handled lawfully, ethically, and securely.
Privacy and data protection
Regional privacy laws
As a global technology provider, WSO2 aligns its practices with major regional privacy laws. This alignment ensures that our products and services meet the expectations of customers operating in regulated environments. It also reflects our commitment to consistent, high-quality privacy protections, regardless of where your data is processed.
Privacy policy
Our privacy policy explains how WSO2 collects, uses, stores, and safeguards your personal information. It outlines the rights available to you, the controls we apply, and the measures we take to comply with global privacy requirements. This policy forms the foundation of our commitment to transparency and responsible data handling.
WSO2 Data Protection Addendum (DPA)
The WSO2 DPA outlines our contractual commitments regarding data processing, security safeguards, international transfers, and support for customer obligations under privacy laws such as GDPR.
Subprocessor list
To deliver certain cloud and support services, WSO2 engages carefully vetted subprocessors. Each subprocessor undergoes strict security, privacy, and compliance assessments to ensure they meet our high standards. We maintain full transparency by listing these third-party providers and their roles.
Data breach notification
WSO2 maintains a structured and proactive incident response framework. In the unlikely event of a data breach affecting customer information, we will assess, contain, and notify impacted customers promptly in line with applicable legal and contractual requirements.
Privacy FAQs
A set of commonly asked questions to help customers understand how WSO2 manages personal data, complies with global regulations, and supports privacy rights.