---
title: "SOC 2"
slug: soc-2
description: "Resend is SOC 2 Type II compliant. We partner with third-party firms to conduct regular audits."
image: /static/cover-soc-2.png
updated_at: "2024-11-28"
---

## What is SOC 2?

SOC 2 is an audit report developed by the American Institute of CPAs (AICPA).

The audit evaluates controls related to security, availability, processing integrity, confidentiality, and privacy of a system.

There are two types of SOC 2 reports:

- Type I: checks if a company is compliant at a point in time.
- Type II: confirms that a company is still compliant during an observation window (typically 6 months).

Resend is SOC 2 Type II compliant.

## Why is SOC 2 important?

SOC 2 is not mandatory in a legal sense, and certification isn't required by law.

Still, we believe that SOC 2 is crucial because it encourages companies to have solid controls in place to protect customer data.

For us, this isn't a short-term growth play but the beginning of a long-term security investment.

## Who audited Resend?

The auditing was done by [Advantage Partners](https://advantage-partners.com) which has a track record of partnering with many SaaS companies.

Resend also uses [Vanta](https://vanta.com) to monitor, collect, and submit evidence to auditors.

## When were you audited?

The reporting period is from February 1, 2024 to February 1, 2025.

## How can I access the SOC 2 report?

You can download a copy of the report on the [Documents](/settings/documents) page.

## Can you answer a questionnaire?

If you have a questionnaire that needs filling, please [contact us.](/contact)