Skip to main content

Trust Center

Ariga, the company behind Atlas, continuously evaluates the security and compliance needs of our customers and is continuously expanding the program as additional reports are requested. If your compliance team needs access to our report or other documents, drop us a line!

SOC 2 Type II (Since 2022)

System and Organization Controls (SOC) 2 is a report focusing on security, availability, confidentiality, processing integrity and privacy criteria contained in the Trust Services Criteria (TSC) as applied to an organization's systems and is designed to provide assurance about these controls to relying parties (our customers). Ariga works with independent external auditors to undergo an audit at least once per year addressing security, availability, confidentiality and processing integrity of Ariga

Our commitment to process only metadata

As a schema management tool, Atlas interacts with critical and sensitive data assets of our customers. This naturally raises concerns for compliance and security teams, as they are entrusted with protecting data on behalf of their own customers.

As part of our SOC 2 audit, we introduced Control #70 which states: "The company does not process or store records from the customer's managed databases, but only handles information schema and metadata related to them."

By incorporating this control, we have established a clear, auditable process that reinforces our promise to our customers and ensures that this principle remains at the core of how we operate moving forward.

Ariga respects the privacy of users of its websites and our social media pages and is committed to protect the personal information that our users share with us. We believe that you have a right to know our practices regarding the information we may collect and use when you visit and/or use our Sites and Social Media. Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it.

Atlas End-user License Agreement (EULA)

This agreement governs the usage of non-community binaries we distribute

Atlas SaaS agreement

Terms and conditions for using the Atlas SaaS product

Data Privacy and the CLI

How data privacy is maintained when using the Atlas Command Line Interface (CLI)

Terms of use - Websites

Legal terms and conditions governing access to and use of Ariga's websites

Privacy Policy

How Ariga collects, uses, and protects user data and privacy

If your compliance team needs access to our report or other documents, drop us a line!

Service Availability

Atlas Cloud is hosted on cloud infrastructure with multi-availability-zone replication, automated failover, and daily encrypted backups. Atlas Cloud consistently maintains 99.9% uptime.

For real-time and historical status information, visit status.atlasgo.cloud.

Binary Distribution

Atlas binaries are served through two independent CDN platforms, each backed by their own availability SLA (100% and 99.9% respectively). If one CDN is unavailable, the other continues serving binaries.

Offline Operation

Atlas user licenses work offline by default. CI/CD licenses require a custom offline license available under the Enterprise tier.

For standard CI/CD setups, Atlas supports grant caching: after a successful atlas login --token --grant-only, a cached grant file allows pipelines to continue operating with Atlas Pro capabilities even without connectivity to Atlas Cloud.

Atlas also supports backup repositories for migration directories. When configured, Atlas automatically replicates every atlas migrate push to one or more backup storage locations (S3, GCS, or Azure Blob Storage) and handles fallback reads transparently. Together with grant caching, this ensures Atlas Cloud is never a single point of failure in your deployment process: both license grants and migration artifacts have independent redundancy, keeping your release pipeline resilient as part of your business continuity strategy.