Bitwarden Security and Compliance
Our commitment to security, privacy, and compliance with international standards
Protecting Customer Data
Bitwarden serves customers globally, helping them protect, store and share their sensitive data. Protecting customer data remains paramount to our company mission and Bitwarden complies with industry standards, conducting regular audits shared transparently with users. Through an open source approach, Bitwarden software is viewed and scrutinized by an engaged community around the world.

GDPR
Bitwarden complies with GDPR and current applicable EU data protection rules. In addition, Bitwarden uses and complies with EU Standard Contractual Clauses (SCCs).
See the Bitwarden Privacy Policy

Privacy Shield
Bitwarden complies with the EU-U.S., Swiss-U.S. Privacy Shield Frameworks.
Privacy Shield Framework

HIPAA
Bitwarden is officially HIPAA-compliant after receiving a HIPAA Security Rule Assessment Report from AuditOne in December 2020.
Bitwarden HIPAA Compliance

CCPA
Bitwarden is compliant with the California Consumer Privacy Act (CCPA).
Third-party Security Audits
2021 Bitwarden Network Security Assessment Report
Read the PDF Report
2021 SOC 3 Report
Read the PDF Report
2020-2021 SOC 2 Type II
Read the blog post
2020 Bitwarden Network Security Assessment Report
Read the PDF Report
2020 SOC 3 Report
Read the PDF Report
2018 Security Assessment Report
Read the PDF Report
Open Source Codebase
Codebase on GitHub
Bitwarden is focused on open source software with the entirety of the codebase available on GitHub.com.
github.com/bitwarden
Security Information & Resources
Independent Security Researcher Public Bug Bounty Program
Bitwarden partners with leading security researchers through HackerOne to improve our software.
Bug Bounty Program
Cloud Hosting
The Bitwarden cloud service is hosted on Microsoft Azure.
Microsoft Azure Compliance Offerings
The Bitwarden Security & Compliance Program
Bitwarden is committed to ongoing investments to help you better understand how Bitwarden products and your data are secured and protected. For more information, read:
The Bitwarden Security Whitepaper
Zero Knowledge Encryption
Bitwarden takes a zero knowledge encryption approach to password management, meaning every piece of information in your Vault Is encrypted. For more information on this approach, please see:
How End-to-End Encryption Paves the Way for Zero Knowledge
Vault Security in Bitwarden
For information on how Bitwarden Vaults are protected, including options for Bitwarden client applications, please see:
Vault Security in the Bitwarden Password Manager
Security FAQs
Visit the Security section of our help site for more information on Bitwarden security, or jump directly to one of the following: