Trust Portal

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Overview

Welcome to Instacart's Trust Center portal. The commitment to data privacy and security is paramount to our business. Use this portal to learn about our security posture as well as request access to documentation.

Frameworks and Certifications

CCPA Logo
CCPA
PCI DSS Logo
PCI DSS
SOC 2 Logo
SOC 2

Documents

Featured Documents

REPORTSSOC 2 Report
FRAMEWORKS AND CERTIFICATIONSPCI DSS
REPORTSPentest Report
REPORTSHIPAA Report
POLICIESInformation Security Program Charter

Risk Profile

Data Access LevelInternal
Impact LevelModerate
Recovery Time Objective24-48 hours
View more

Product Security

Audit Logging
Data Security
Role-Based Access Control

Reports

HIPAA Report
Pentest Report
Security Notifications
View more

Self-Assessments

CAIQ
SIG Lite
VSA Core

Data Security

Access Monitoring
Data Backups
Data Erasure
View more

App Security

Responsible Disclosure
HackerOne Mark
Application Penetration Testing
Bot Detection
View more

Legal

Cyber Insurance
Data Processing Agreement
Privacy Policy
View more

Data Privacy

Cookies
Data Breach Notifications
Data Privacy Officer
View more

Access Control

Data Access
Device Lock
Internal Single-Sign-On (SSO)
View more

Infrastructure

Amazon Web Services
Anti-DDoS
BC/DR
View more

Endpoint Security

Anti-Malware
Disk Encryption
DNS Filtering
View more

Network Security

Bot Detection
Distributed Denial of Service Protection (Anti-DDoS)
Firewall
View more

Corporate Security

Asset Management Practices
Email Protection
Employee Training
View more

Policies

Information Security Program Charter

Security Grades

Qualys SSL Labs
Landing Page
A+

Incident Response

Designated Response Personnel
Incident Reporting Process

Risk Management

Risk Assessments

BC/DR

Business Continuity Plan (BCP)
Disaster Recovery Plan (DRP)
Failover/High Availability

Training

Employee Privacy Training
Security Awareness Training
Training Records

Change Management

Change Management Program
Change Restrictions
Trust Portal Updates

Instacart's Storefront Pro Subprocessor Update

Copy link
Subprocessors
August 2, 2024

As we continue to build and improve our platform, Storefront Pro will be leveraging GiveX as a Loyalty Program Provider to process data in service of the application. This serves as notification that GiveX will be added as a new Strorefront Pro subprocessor.

Instacart's Annual Penetration Test

Copy link
General
March 1, 2024

The 2024 Instacart annual penetration test executive summary is available for download.

Instacart's Information Security Program Charter

Copy link
Compliance
February 21, 2024

The Instacart Information Security Program Charter has replaced the Instacart Information Security Meta Policy. Additionally a table of contents has been added for validation of the security policy set.

Vendor Third Party Terms

Copy link
Compliance
January 25, 2024

Instacart's Third Party Data Terms have been updated to remove an outdated term for "Exhibit A" and replaced with reference to "Addendum."

Instacart's Response to the 2022 OpenSSL 3 Vulnerabilities

Copy link
Incidents
November 3, 2022

Instacart's response to OpenSSL can be viewed here by our Retailer Partners.