VTEX Trust Center

Welcome to our compliance portal

Learn more about how we protect your data.

Go to the Portal
services conected

Leading brands adopted VTEX's headless and composable approach

Certifications

Third party verifications are key to a thorough compliance management. Our world-class certifications are not only a requirement from our clients and regulators, they reflect a commitment to outstanding privacy, security and compliance standards.

ISO/IEC 27001:2022

Internationally recognized standard for managing information security systems.

Download

SOC 1 - Type 2

Audit verifying internal controls over financial reporting.

Get access
SOC2 TYPE2

SOC 2 - Type 2

Audit assessing the platform’s Security, Availability, Integrity, Confidentiality, and Privacy practices.

Get access

PCI-DSS

Certification validating cardholder data controls to prevent credit card fraud.

Get access
PCI DESV

PCI-DESV

Certification for ongoing effectiveness of PCI DSS controls.

Get Access
DPF

Data Privacy Framework (DPF)

Official recognition for our solid data privacy practices.

Download

How do we manage Information Security at VTEX?

Information security permeates multiple layers of our organization, from strategic governance to daily operations.

Security

Security

Information security is our top priority. We embed protection practices into every aspect of our products and operations.

privacy

Privacy

We adhere to global, regional, and industry-specific regulations, empowering your company to meet compliance requirements.

reliability

Reliability

Our infrastructure supports businesses of all sizes, offering flexibility and compatibility tailored to their needs.

compliance

Compliance

We uphold the highest standards of compliance, ensuring our practices align with global regulations and industry benchmarks to protect your business.

Security by Design and by Default

From code development to our ties with the ecommerce ecosystem, your onboarding is always safe.

Shared Responsibility Model

This document outlines the security roles of VTEX, customers, and partners, ensuring collaborative efforts in data protection and compliance.

Help Center

Your go-to resource for security information. Access beginner tutorials, reference guides, and troubleshooting articles.

Developer Portal

A comprehensive guide to VTEX’s security measures, including authentication, access control, logging, attack protection, and incident response.

Data Privacy

Following regulations is just the beginning. Our product, infrastructure and data governance practices have a look at each aspect of the personal data lifecycle.

Global Privacy Compliance

Our platform fully complies with the General Data Protection Regulation (GDPR), US privacy laws (CCPA, CPRA, HIPAA, VDCPA), LATAM regulations, among others around the globe. And we are ready to meet any privacy requirements our merchants may have.

Privacy Notices

Our Privacy Notices explain how we collect, use, store, share and safeguard personal information.

Data Processing Addendum

Our Data Processing Addendum (DPA) outlines how we securely process personal data on behalf of customers.

VTEX Shield

Advanced security to protect your data and monitor threats

Empower your teams with custom protection tools to monitor, protect, and mitigate security, compliance, and privacy risks.

Learn more

Compliance

VTEX is unwavering in its commitment to integrity, maintaining ethical and transparent operations. Our dedicated team ensures strict compliance with legal and regulatory standards, reinforcing trust through global best practices.

Code of Ethics and Conduct

The Code of Ethics and Conduct outlines VTEX’s core guidelines, ensuring all VTEXers understand the expected conduct and feel confident in making transparent, responsible decisions.

Code of Ethics and Conduct for Third Parties

The Code of Ethics and Conduct for Third Parties defines the ethical standards VTEX expects from its stakeholders.

Anti-Corruption Policy

The Anti-Corruption Policy aims to prevent bribery, avoid misconduct, and ensure VTEX responds promptly and effectively to any inquiries about its actions.

Ethics Channel

VTEX's Ethics Channel is a secure, confidential platform, managed by a trusted third party, that allows employees and stakeholders to anonymously report unethical or improper conduct, ensuring transparency and accountability.

Access the channel

Skip the sales pitch - get real answers

Get in touch directly with a Technical Commerce Solution Engineer

  • Get tailored advice for your specific business needs.
  • Learn which products are right for you.
  • Request a demo.
  • Get pricing details.

Leading brands adopted VTEX's headless and composable approach