- Proton has announced its successful ending of a SOC2 type II audit
- The rigorous audit verifies the proper implementation of security controls
- It is one more proof that Proton can help companies comply with compliance
Proton AG has announced its completion of another independent audit, demonstrating even more the seriousness with which user data and privacy are needed.
Finished in July 2025, it is the first time that the provider behind Proton’s Privacy Tools, which includes one of the best VPN email services and encrypted in the market, has achieved the SOC2 type II certificate. This, however, adds to the growing number of third -party audits that the Swiss company has suffered.
The external audit, made by Schellman, included interviews and documents of documents to determine that Proton’s internal security controls are correctly implemented.
What is soc2 type II and why does it matter?
SOC2 Type II is a recognized compliance standard that evaluates how a company manages customer data.
More than verifying that a company has specific security controls, it evaluates its effectiveness for a prolonged period of time, usually several months.
The independent third -party audit was made by Schellman, an audit firm that specializes in certification and certification services.
Proton has completed a SOC 2 type II certification. It adds to our ISO 27001 certification and compliance with GDPR and the Swiss DPA. What does that mean?July 22, 2025
Completing the SOC2 Audit Type II demonstrates that Proton not only has strong security measures, but constantly follows them.
“Proton’s SOC 2 II certification shows that our security is not only technical, it is operational,” said Proton Security Chief Patricia Egger, in a statement on the Proton website.
The news indicates to companies that Proton has strong internal controls for data security. It also helps them meet their own compliance requirements, such as GDPR, and the confidence that confidential data is managed in a responsible manner.
A growing body of evidence of proton’s security
A growing number of technology companies is presenting their systems to independent audits to provide transparency and encourage trust.
With the SOC2 type II audit, Proton has gone a step further than most. It joins Nord Security, the company behind Nordvpn, whose NordPass and Nordlayer products have passed the same audit.
Proton’s last audit adds to a growing body of evidence of its commitment to the safety of the data and privacy of its users. It continues to Proton receiving its ISO 27001 certification in May 2024, an international standard to manage information security.
Proton VPN also had its audited NO-Logs policy independently by Securitum in July 2024. Independent audits of Non-Logs policies are more common, and Surfshark and ExpressvPN’s tastes recently have their registration claims verified as well.
You may also like
