Product Trust

We are committed to keeping customer data secure, and operating our product in a transparent way.

Cookies

Windmill observes GDPR and the ePrivacy Directive, only using strictly necessary cookies to manage authentication, and customer sessions within the application.

Windmill does not currently use any first or third-party cookies for other purposes.

Data sub-processors

We use the following sub-processors to enable our operation:

Vendor Location Compliance Privacy Policy

Heroku

Cloud server hosting
United States ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3 View

Akamai

Cloud storage
United States ISO 27001, ISO 27017, ISO 27018, ISO 27701, SOC2 View

Sentry

Error & performance monitoring
United States ISO 27001, SOC 2 View

Twilio Sendgrid

Email Delivery
United States SOC 2 Type II View

Data principles

Windmill does not engage in the sale of customer data.