Comment on page
Compliance Resources and Certifications
On this page, we provide you with resources around compliance of Rocket.Chat with industry standards, regulations and best practices. Also our certifications are listed here. Contact our specialists for further information under mayara.santos@rocket.chat.
Scope: Hosted Offering, App Store, Software Development

Rocket.Chat is ISO 27001 certified. ISO 27001 is an internationally recognized standard for information security management systems. Our organization is audited on an annual basis by an independent third-party auditor to verify the design and operational effectiveness of the management system.
- Certificate:
Certificate 2023.pdf
2MB
PDF
ISO 27001 certificate 2023
Certificate 2020.pdf
522KB
PDF
ISO 27001 certificate 2020
- Name: ISO 27001 Information Security Management Systems
- contains a list of controls and whether they are applicable or not
- Certifying body: QMS Certification Services
- Original certification date: June 2020
- Validity: June 2023 - June 2026
- Use cases for Rocket.Chat users: due diligence, security review, regulatory compliance, internal audit, supply chain audit.
Scope: Hosted Offering


Rocket.Chat holds a SOC 2 Type I attestation report and received an unqualified opinion attestation, according to the auditor, our controls were suitable designed and provide reasonable assurance Rocket.Chat can meet its service commitments and system requirements.
This report is a point-in-time review intended to offer assurance that the internal controls are effectively designed and implemented. It offers a glimpse of the control environment, highlighting control adequacy.
- Report type: Type I
- Trust Service Criteria: Security, Confidentiality and Availability
- Issued by: Prescient Assurance LLC (registered CPA firm)
- Date: 25 October 2023
- Validity: October, 2024
- Letter of Attestation: see attachment below.
Rocket.chat Technologies Corp._Letter of Attestation SOC 2 Type 1.pdf
69KB
PDF
- SOC2 Type 1 report: the disclosure to customers and prospects require an NDA to be signed prior making it available.
- 1.Check if the propect or customer has an NDA in place.
- Prospects: make sure there is a signed NDA in CRM - If you need guidance about NDAs, please check this page https://app.gitbook.com/o/-M41dOPtnjO7qK6KCyrt/s/-M7iRWz196Rdn-5pW5QY/operations/revenue-operations/selection/mutual-nda OR
- Active customers with signed customers terms: jump to step 2.
- 2.notify aline.nunes and mayara.santos and provide the email address the report needs to be sent to.
- 1.Contact your account manager or send an email request to [email protected].
Last modified 21d ago