Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to the Freshworks Trust Center

This portal provides access to information and documentation related to Freshworks’ security, privacy, and compliance practices. Here you can review certifications, third-party attestations, compliance reports, and other materials commonly requested during vendor security and risk assessments.

Freshworks is committed to protecting customer data and maintaining transparency around our security and compliance posture. The resources available in this Trust Center are intended to support your due diligence process and help you better understand the controls and practices that underpin our services.

Documentation in this portal is reviewed periodically and updated as appropriate. If you require additional information or have questions regarding Freshworks’ security or compliance programs, please contact our security team for assistance.

Compliance

SOC 2 Type 2 Logo
SOC 2 Type 2
Cyber Essentials Logo
Cyber Essentials
Cyber Essentials Plus Logo
Cyber Essentials Plus
SOC 3 Logo
SOC 3
CCPA Logo
CCPA
UK Extension to EU-US DPF Logo
UK Extension to EU-US DPF
CSA STAR Level 1 Logo
CSA STAR Level 1
EU-US DPF Logo
EU-US DPF
Swiss-US DPF Logo
Swiss-US DPF
PCI DSS v4.0.0 Logo
PCI DSS v4.0.0
ISO/IEC 27001 SoA Logo
ISO/IEC 27001 SoA
ISO/IEC 27001:2022 Logo
ISO/IEC 27001:2022
SOC 1 Type 2 Logo
SOC 1 Type 2
ISO/IEC 27701:2019 Logo
ISO/IEC 27701:2019
Trust Center Updates

Freshworks Achieves SOC 1 Type II Attestation

Copy link
Compliance

Freshworks has successfully achieved SOC 1 Type II attestation, demonstrating that controls relevant to financial reporting are appropriately designed and have operated effectively over the defined review period (October 1, 2024, to October 31, 2025).

This independent third-party assessment provides assurance that Freshworks maintains robust internal controls that support financial reporting requirements, reflecting our continued focus on operational integrity, compliance, and transparency.

Reporting periods

  • Current report period: 01 October 2024 – 31 October 2025 (To address the remaining two months of 2025, we will be issuing a bridge letter to confirm the continued operating effectiveness of controls through year-end. The bridge letter will be issued before the end of January 2026)
  • Next report: Covering 01 January 2026 – 30 June 2026; expected to be available in September 2026, subject to completion of the independent audit process

The report is now available in our Trust Centre.

Documents

Featured Documents

COMPLIANCECyber Essentials
COMPLIANCECyber Essentials Plus
COMPLIANCEISO/IEC 27001:2022

Documents

Cybersecurity & Privacy Whitepaper
Business Continuity & Disaster Recovery Plan (BC & DR)
Technical and Organizational Measures
View more

Self-Assessments

CAIQ
SIG Core
SIG Lite
View more

Infrastructure

Status Monitoring
Cloud Service Providers
Network Time Protocol

Application Security

Responsible Disclosure
Code Analysis
Vulnerability Assessment and Penetration Test

Product Security

Audit Logging
Multi-Factor Authentication
Role-Based Access Control
View more

Data Security

Data Backups
Encryption-at-rest
Encryption-in-transit

Risk Profile

Data Access LevelRestricted
Impact LevelModerate
Recovery Time Objective4 hours
View more

Legal

Subprocessors
Data Processing Agreement
Privacy Policy
View more

Data Privacy

Data Breach Notifications
Data Privacy Officer
Data Protection Impact Assessment (DPIA)

Security Grades

SecurityScorecard
Freshdesk
Security Scorecard A grade

Training

Phishing Training
Security Awareness Training
If you need help using this Trust Center, please contact us.
Contact support
If you think you may have discovered a vulnerability, please send us a note.
Report issue
Built onSafeBase by Drata Logo