SPRINKLR SECURITY & PRIVACY
A relentless commitment to security and privacy.
At Sprinklr, security, compliance, and privacy are foundational to our customer and investor trust. We are fiercely dedicated to safeguarding information assets and continuously enhancing the security and privacy of our customers' data.Security & Data Privacy
Explore Sprinklr’s certifications, assessments, and industry compliance status and dive deeper into the processes and features behind our platform and product security and privacy features. Discover how Sprinklr processes and safeguards information provided to us by our customers and get more details on our data transfer mechanisms, subprocessors, and find answers to frequently asked questions.
Sprinklr Platform Security
Safeguarding our customer information is of the utmost importance to Sprinklr. To demonstrate that commitment — and reduce customer exposure to risk — we’ve implemented the most comprehensive security standards, including web applications, optimized infrastructure, governance across all modern channels, network security, and more.
Product Security Features
We offer a number of features and support industry-standard controls in order to help protect your brand. Security features include role-based access permissions, access controls, single sign-on, two-factor authentication, IP restricted access, and more.
Secure Development Lifecycle Process
Our platform is developed internally by Sprinklr employees who receive regular training on secure coding practices. When we create a product, our security team works closely with engineering to inject security throughout every step of the development process – and the job is never “finished.” Sprinklr follows the Open Web Application Security Project (OWASP) standard security controls and other industry-standard control systems for application security.
Detection & Response
Sprinklr’s dedicated Detection & Response team is focused on threat detection engineering, vulnerability management, incident response and crisis communication management in order to support our customers in security incidents and beyond. Within scope are product operations, business system, and all corporate assets.
Infrastructure Security
Sprinklr’s production environment is completely virtual, running in an Infrastructure-as-a-Service (IaaS) third-party cloud environment. We also leverage additional IaaS providers’ security controls. Sprinklr partners with AWS, Microsoft, and Google data centers in the United States and Europe for data hosting.
Network Security
Sprinklr has implemented both reactive and proactive network security controls. We monitor network activity for anomalies 24/7 and respond to security events within minutes. Proactive controls such as firewalls, cloud security posture management, and network penetration tests ensure a very high degree of protection. All sensitive data is encrypted during transit.
Security Awareness & Training
At Sprinklr, we believe our employees are our first and strongest defense against cyber threats. Our employees are trained annually and regularly presented with security education and best practices in order to drive awareness, reduce risk and remain vigilant against potential threats. Annual tabletop exercises are also conducted to test our incident response plans.
Vulnerability Disclosure Program
Sprinklr utilizes a third-party Vulnerability Disclosure Program (VDP) for managing security vulnerabilities reported by the security community. For more information, please visit Sprinklr’s Vulnerability Disclosure Program
For more information and to request access to view compliance reports and more, visit and subscribe to the Sprinklr Trust Portal.
Security Governance
Sprinklr has aligned configuration, policies, procedures, and processes in place, which are reviewed annually, to help our organization achieve business objectives, address uncertainty, and act with integrity.
Security Certifications & Assessments
Sprinklr is regularly audited by third-party assessments, evaluating internal controls that protect the security, confidentiality, integrity, availability, and privacy of the information entrusted to us by our customers. Sprinklr maintains SOC1 Type II, SOC2 Type II, PCI-DSS, and ISO 27001 certifications as well as FedRAMP authorization.
Security FAQs
Build stronger customer trust on a foundation of robust data privacy measures
Sprinklr prioritizes safeguarding the personal information we handle — information provided to us by customers, the personal information we leverage from various sources to power our products, and the information we gather about consumers. We’re committed to protecting this data and using it solely to provide our services. Our Data Processing Addendum and Privacy Policy provide additional information.
Our compliance with privacy laws
At Sprinklr, data protection and information security are integral to our culture and values, fostering strong customer relationships. As a service provider and data processor, we view privacy as fundamental and support our customers in meeting data protection requirements. Our legal and compliance team, alongside security and product teams, closely monitors evolving data privacy regulations to ensure ongoing compliance with laws such as GDPR, CCPA, CPRA, and LGPD.
Sprinklr’s Data Protection Principles
Proportionality and Accountability
As a processor and service provider for our customers, Sprinklr processes customer data only as needed to provide our services. Sprinklr has internal policies, processes, and controls to manage data processing activities in accordance with applicable global data protection laws. You can read more about Sprinklr’s approach to data protection here.
Contractual Commitments
Sprinklr’s Data Processing Addendum (DPA) governs how we process data on behalf of our customers. It defines Sprinklr’s role as a processor, incorporates data transfer mechanisms, and outlines the technical & organizational measures in place to protect data from unauthorized access or loss.
Privacy Training
Sprinklr is committed to ensuring all of our employees understand their obligations under applicable data privacy laws. All new hires that join Sprinklr are trained on privacy and security during onboarding, and Sprinklr conducts annual refresher training, as well as tailored training for specific teams throughout the year.
Data Transfer Mechanisms
Sprinklr is committed to securing data transferred across geographic borders and leverages Standard Contractual Clauses, as well as additional technical and organizational measures, for such transfers. For more details, please refer to our White Paper on Data Transfers, available here, which you can use to inform your Data Transfer Impact Assessment.
Sharing Data
Sprinklr conducts careful due diligence on the privacy and security practices of third parties we engage to help us provide our services. All of our sub-processors must agree to and sign data protection agreements that include terms that are at least as protective as those that Sprinklr commits to with its customers. You can find our list of subprocessors here.
Data Subject Rights
Sprinklr puts customers in control through our in-product Privacy Center, which is available in the Sprinklr platform. Through the Privacy Center, customers can manage their data subject requests, such as access, deletion, and rectification, in real-time. Sprinklr also provides a privacy request form to assist with data subject requests directed at Sprinklr.
Privacy Resources
For more information and to view documentation related to Sprinklr’s privacy program, visit and subscribe to the Sprinklr Trust Portal.
Review our Privacy Policy
Sprinklr’s Privacy Policy provides details on how Sprinklr collects, uses, and shares information when you use our products, services, and website.
Access Sprinklr’s Data Processing Addendum
The DPA governs how Sprinklr processes data on behalf of our customers.
Contact Us
If you have any questions about Sprinklr’s approach to privacy, please submit your question.
For more information and to request access to view compliance reports and more, visit and subscribe to the Sprinklr Trust Portal.
Data Privacy FAQs