Try for free

Data security and privacy

We enable thousands of organizations to better understand their customers. Keeping your data private, secure, and compliant is fundamental to this effort.

We’re committed to ensuring the security, reliability, privacy, and compliance of our services.

We protect data with encryption in-transit and at-rest and provide administrative controls to enforce access controls.

We take regular data backups and test recovery, run penetration testing, encrypt all data at rest and in transit, conduct static code analysis and third party vulnerability scanning, sanitize our logs, secure individual customers at the database level, and many other cloud security techniques.

We’re not in the business of selling your data (anonymized or otherwise). You own your data and we will never sell it to third parties. We also won’t look at your data unless you give us permission for a support case.

Our security program

Dive deep into our comprehensive security policies and documentation.

Product security features
Infrastructure and network security
Data security and privacy
Business continuity and disaster recovery
Corporate security

SOC 2 Type II

We have received our SOC 2 Type II report demonstrating that Dovetail has the appropriate controls in place to mitigate risks related to security, availability, and confidentiality.

More on SOC 2


Dovetail has made information security and data privacy foundational principles of everything we do, and we recognize the importance of adhering to regulations to advance information security and data privacy for citizens of the EU.

Our commmitment

Security features

Features and processes in our product and day-to-day operations.

OpenID-based SSO

Single sign-on support via OpenID Connect, available in leading identity providers.

Encrypt in transit and rest

All data is encrypted in transit via TLS 1.2 and at rest with AES-256 encryption.

Access control

Control who can manage, view, and edit projects with granular project permissions.

JIT provisioning

Leverage domain-restricted sign up to provision user accounts as they need access.

Managed users

Ability to provide and revoke access to roles, and manage active user sessions.

Domain allowlisting

Restrict user provisioning to verified email addresses at your approved domains.

SOC 2 Type II

Established mitigation of risks related to security, availability, and confidentiality.


Dovetail adheres to the EU’s GDPR legislation on storage and deletion of user data.

Coming soon

A few of the security and privacy features we have planned.

Audit log

See an audit trail of all user actions in your workspace.

Data anonymization

Anonymize data as it’s uploaded to your workspace.

User roles

More granular user permissions.

See the roadmap

Dovetail, your insights hub

Translate your data into insights and bring your customer into every decision. Try for free.

Try for free


InsightsAnalysisScaleIntegrationsPricingLog in


About us
Security & privacyLegal

© Dovetail Research Pty. Ltd.
TermsPrivacy policy