JFrog Trust Privacy Center


JFrog has taken best practice measures to ensure compliance with the General Data Privacy Regulation (GDPR) and the California Consumer Privacy Act (CCPA) which provide companies with frameworks on how to process and protect individuals Personal Data. Guided by our Privacy Team, JFrog employees worldwide safely care for Personal Data in accordance with the GDPR and CCPA guidelines.

In addition, JFrog is certified under ISO 27701, the data privacy extension to ISO 27001. This Privacy Information Management System outlines a framework for data controllers and data processors on how to manage privacy controls and to reduce the risk to the privacy rights of individuals, by putting systems in place to support compliance with GDPR and other data privacy requirements. A copy of the certificate can be downloaded here.


A list of JFrog Sub-Processors is available here.

You can learn more about the way JFrog handles Personal Data and our security measures by visiting our Privacy Policy and Trust Center.

With regards to JFrog’s privacy commitment to our Customers, please see our Cloud Data Processing Addendum and Technical and Organizational Measures.

For any questions regarding GDPR, CCPA and data protection at JFrog, please contact privacy@jfrog.com.

  • Data Protection at JFrog – FAQs

    Expand all
      1. What service does JFrog offer?
      2. Is JFrog a data processor or a data controller?
      3. Does JFrog have a Data Processing Addendum?
      4. Is JFrog certified under ISO 27701?
      5. What kind of personal data is processed by JFrog?
      6. Does JFrog process sensitive/special categories of personal data?
      7. Who are the data subjects?
      8. Where is the personal data hosted?
      9. How long will the personal data be retained for?
      10. Does JFrog use Sub-Processors?
      11. Does JFrog conduct vendor due diligence?
      12. Does JFrog rely on the Standard Contractual Clauses?
      13. Does JFrog maintain Technical and Organization Measures?
      14. Is JFrog subject to law enforcement requests?
      15. Does JFrog conduct mandatory training for employees?
      16. Does JFrog have an Incident Response Plan?
      17. Did JFrog experience a personal data breach in the last three (3) years which had to be reported to a Data Protection Supervisory Authority?
      18. Can JFrog assist in completing data subject requests?
      19. Who can provide additional information regarding data protection at JFrog?

Powering the Software
that Powers the World

It’s our Liquid Software vision to automatically deliver software
packages seamlessly and securely from any source to any device.