Compliance & Privacy

Security icon

Security at Agora

Trust Agora for Compliance, Safety, and Security

Agora is a global company that works diligently to incorporate security into our products and services, meeting international standards.

As a Platform as a Service (PaaS), we MAY only collect Internet Protocol (IP) addresses and operational information necessary for providing our services. All other end-user data is managed by our customers in their own applications.

Bug Bounty Program: If you think you may have found a security vulnerability within any of our services, please contact our security team directly at security@agora.io.
Security icon

Security Features

Identity and Access Management

Secure your live interactive streaming with tokens that uniquely identifies authorized users to prevent unwanted guests from intruding into private engagement sessions.

Data Protection and Encryption

Agora Software Development Kits (SDKs) provides built-in AES128/256 support or customer provided third party encryption to protect all data transmitted between the end user and Agora services so you can choose how to secure your content.

Network Geo-Fencing

With Agora, you choose the global region(s) that your engagement experience operates within. Agora Geo-Fencing gives you the ability to designate live interactive streaming traffic within selected regions to help customers meet regional and local regulation needs.
White Papers icon

White Papers

Agora adopts Secure by Design and Defense in Depth principles when designing our security programs. Learn more about our product security and privacy protection.
PDF icon
Security White Paper
download
PDF icon
Privacy Protection White Paper
download

Compliance Certifications

Agora takes security seriously. Our organization, operating systems, and environment have received international recognition with these certifications:
ISO 27001:2022 logo

ISO/IEC 27001

The ISO/IEC 27001 standard provides companies of any size and from all sectors of activity with guidance for establishing, implementing, maintaining and continually improving an information security management system.
ISO 27017: 2015 badge

ISO/IEC 27017

ISO/IEC 27017 provides guidance and recommendations of implementing cloud-specific information security controls that aid the ISO/IEC 27001 standards, to ensure continuous management of security in a comprehensive
ISO 27018: 2019 badge

ISO/IEC 27018

ISO/IEC 27018:2019 is an international privacy certification that extends an Information Security Management System (ISMS) to protect personal data when being processed in a public cloud.
ISO 27701: 2019 badge

ISO/IEC 27701

Also referenced as PIMS (Privacy Information Management System), outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data privacy
AICPA SOC logo

SOC 2 Report

A SOC 2 report shows how well Agora manages and protects your data. It focuses on key areas like the security, availability, integrity, and privacy of the systems that handle your information. This report is designed to provide insights on how Agora safeguards your data, ensuring that it’s secure, confidential, and managed with your privacy in mind.

Compliance with Regional Privacy Laws and Industry Regulations

GDPR emblem

General Data Protection Regulation (GDPR)

Agora is aligned with GDPR and is committed to providing GDPR-compliant products and services to our customers in the EU region or with our customers who conduct business within the EU.
Great Seal of California emblem

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act is the first comprehensive privacy law in the United States that aims to provide a variety of privacy rights to California consumers. Agora is aligned with CCPA through the implementation of Information Security and Privacy programs.
Medical emblem

Health Insurance Portability and Accountability Act (HIPAA)

Agora performs the role of a Business Associate under the definitions of HIPAA and maintains an ongoing HIPAA compliance program.
FTC emblem

Children’s Online Privacy Protection Act (COPPA)

COPPA requires that online services for children 13 years old and younger give parents direct notice of their information practices before collecting information from their children.​

Meet our Security Partners

DNY-GL logo

DNV GL

DNV GL is an international accredited registrar who provided ISO/IEC 27001, 27017 and 27018 certification services for Agora.
EY logo

Ernst & Young

Ernst & Young is a multinational professional service provider advising Agora on information security.
CONTACT
+1 408 879 5885
2804 Mission College Blvd.
Santa Clara, CA, USA 95054
Why Agora
Agora AdvantageProductsSolutionsPartnersSuccess Stories
Company
About UsBlogsCompliance & PrivacyManagementEventsCareersNewsroomInvestor Relations
GET STARTED
LoginPricingSupport PlansGet StartedDocumentationTalk to Us
Privacy PolicyCookie PolicyTerms of ServiceAcceptable Use PolicySitemapReport Abuse of Our Terms of ServiceManage My Cookies
Copyright © 2025 Agora    |    All rights reserved.