Security
Learn more about our data security practices and compliance measures.
Overview
Linear is built with best-in-class security practices to keep your work safe and secure at every layer. This includes state-of-the-art encryption, safe and reliable infrastructure partners, and independently verified security controls.
Refer to our Data Processing Agreement (DPA) for specific details: https://linear.app/dpa.
Certifications
Linear has completed SOC 2 Type II certification. To receive a copy of the report, email security@linear.app.
Data regions
When creating a new workspace, you have the option to select the region you want your data to be stored. The available options are:
- United States
- European Union
Most of the data associated with the workspace — including issue descriptions and uploaded attachments—will only be stored in the selected region. There are exceptions in which regardless of the region you select for your workspace, the following data will be stored in the United States:
- Information about the workspace, all user account information and user created API keys, used to authenticate users and direct them to the right region.
- Notification emails that are sent to workspace users will be stored in the U.S. for 7 days by our email sending partner.
- Usage data, used for analytical purposes.
- Workspace data and user account information used for analytical purposes. This data has been stripped of any information that might be confidential, including issue titles and descriptions, comment content, project names, team names, and document content and initiative names among others.
- User account information associated with any crashes that happen on the client or when processing a client or API request, in order to be able to debug crashes.
Report a vulnerability
You can read more about reporting any suspected security issues, what's in scope for reports, and other guidelines on our report a vulnerability page.