Data security and
privacy commitment

At Avo, we take data seriously. We ensure your data is encrypted, protected, and secure at every step of the way.

GDPR Compliant

SOC 2 Type 2 Compliant

Avo doesn't collect any user data.

Avo only collects the shape and type of data, not values. This means most organizations won't even need to change their privacy policy when implementing Avo.

What does that look like in action?

If you think about an order event, for example, your app will probably have sensitive information like user IDs or email addresses.

Avo sees only the names and types of those data points, not the values.

We use this metadata to validate and monitor your data quality in relationship to your tracking plan.

Network and Application Security

All data is transmitted over encrypted connections and stored encrypted at rest. We use TLS and AES-256 for encryption.

The Avo service is run on modern, secure Google cloud infrastructure, with all data residing in the U.S.

Company & Employees

MFA (multi-factor auth) is used to access the infrastructure console and is restricted to individual administrators.

We conduct annual pentests, as well as business continuity and disaster recovery plans in place that are tested bi-annually.

Product & Customer Teams

Avo supports SAML SSO and Google OAuth authentication. Learn more about available authentication methods in the docs.

Your data is yours to own and we will never share or sell your data.

Audit logs are available for all movements within Avo.

Learn about our Responsible Disclosure Policy here.