Security & privacy

Your security, safety, and privacy is our top priority — and we build Notion accordingly.


Data protection

Data encryption

Notion encrypts your data aligning with industry-tested and accepted standards. We use TLS 1.2 to encrypt network traffic between users' browsers and the Notion platform. We also use AES-256 bit encryption to secure your database connection credentials and data stored at rest.

Secure, reliable infrastructure

Notion uses Amazon Web Services (AWS) data centers for hosting. AWS data centers are monitored by 24×7 security, biometric scanning, video surveillance and more.

Organizational security

All employees complete ongoing security training, including topics like information security, data privacy, and password security. Notion maintains vendor risk management practices to ensure third parties are scrutinized and maintain expected levels of security controls.


Access & controls

Ensure the right people can access Notion at the right time with our user management tools.

Manage access and provisioning

Permission groups

Fine-tuned permission controls allow enterprise admins to set workspace-level rules, specify whether employees can share pages externally, and set parameters for guest privileges.

Hand writing

A team of experts and a community of builders

General Data Protection Regulation (GDPR)

We are committed to GDPR compliance and offer several data portability and management tools. Explore more here, including information about our practices, sub-processors, and our Data Processing Agreement.

SOC 2 compliance

We have a SOC 2 Type 2 report by our third party auditor certifying that our security policies and controls continuously meet the highest industry standards. This is available upon request under NDA for qualified customers.

Learn about our enterprise plan

Interested in advanced security and control? Let us know your needs and we can help!

By submitting this form, I acknowledge receipt of the Notion Privacy Policy.

Fields marked with an asterisk (*) are required.