Library / Vendor directory

Auth0

auth0.com · facts updated 1 hour ago

Privacy facts at a glance
Retention
Data retention is listed as a topic in the security trust center under 'Data Security' but no specific retention period is stated in the provided excerpts.
Transfer mechanism
EU-US Data Privacy Framework and Swiss-US DPF listed as compliance certifications; SCCs referenced in DPA but modules not stated in excerpts.
DPA available
Yes
Certifications
SOC 1 · SOC 2 · SOC 3 · ISO/IEC 27001:2022 · ISO/IEC 27017:2015 · ISO/IEC 27018:2019 · FedRAMP High · FedRAMP Moderate · PCI DSS v4.0.0 · HIPAA · CSA STAR Level 2 · FIPS 140-2
GDPR addressed
Yes
CCPA addressed
Yes

Tracked documents

Privacy policy
https://www.okta.com/legal/privacy-policy/ checked 15 hours ago
Terms of service
https://www.okta.com/legal/terms-of-service/ checked 15 hours ago
Data processing agreement
https://www.okta.com/sites/default/files/2021-11/OKTA-DPA.pdf checked 1 hour ago
Subprocessor list
https://www.okta.com/legal/trustandcompliance/subprocessors/ checked 56 minutes ago
Security / trust page
https://security.okta.com/ checked 20 hours ago

Recent changes

major Data processing agreement 1 hour ago

Auth0/Okta's DPA document was entirely removed with no replacement content added, indicating the document was deleted or replaced at this URL.

minor Subprocessor list 18 hours ago

Auth0's subprocessor list diff shows only navigation menu, header, and website chrome reformatting with no changes to actual subprocessor entries, data processing terms, or substantive policy content.

Public summary; per-account review history visible to subscribers tracking this vendor.

Track Auth0 in your workspace.

Get notified when Auth0 adds a subprocessor, changes retention, updates their DPA, or quietly amends their privacy posture.

Start tracking — 14-day trial
No card required.