DocumentationCommerceAdobe Commerce as a Cloud Service

[SaaS only]{class="badge positive" title="Applies to Adobe Commerce as a Cloud Service and Adobe Commerce Optimizer projects only (Adobe-managed SaaS infrastructure)."}

Compliance and certifications

Last update: May 8, 2026

CREATED FOR:

  • Admin
  • Developer
  • Leader

Adobe Commerce as a Cloud Service is built on a foundation of trust, transparency, and rigorous compliance with global security and privacy standards. Adobe’s enterprise-grade security program ensures that Adobe Commerce as a Cloud Service meets the expectations of regulated industries and security-conscious organizations.

Industry certifications

Adobe maintains a comprehensive set of certifications and attestations for the infrastructure and services that power Adobe Commerce as a Cloud Service. These include:

  • SOC 2 Type II: Independent audits validate Adobe’s controls for security, availability, and confidentiality.

  • ISO/IEC 27001: Adobe’s Information Security Management System (ISMS) is certified under this globally recognized standard.

  • PCI DSS: Adobe Commerce infrastructure is PCI DSS compliant, ensuring secure handling of payment data. Customers are responsible for maintaining PCI compliance for their custom code and extensions.

  • GDPR and CCPA: Adobe provides tools and documentation to help customers meet their obligations under data privacy regulations.

For a full list of Adobe’s certifications and compliance documentation, visit the Adobe Trust Center.

Certification for practitioners

Adobe also offers role-based certifications for developers, architects, and business practitioners working with Adobe Commerce. These certifications validate expertise in secure implementation and platform governance. Learn more at the Adobe Certification Portal.

recommendation-more-help
commerce-help-cloud-service