Security and compliance at Onna

    Customer trust and data security are central to everything we do at Onna.

    In-platform security

    Role-based access control

    Onna has role-based user types to ensure different levels of access for administrators and standard users.


    Not only do each user type have specific rights within Onna, but special permissions can also be granted for access to additional features or the ability to perform tasks.


    Onna encrypts data while in transit and at rest. The Transport Layer Security (TLS) v1.2 protocol is used to secure all communication between the desktop and web client to the backend servers. At storage, Onna encrypts via AES256. Nothing is ever sent across the internet in clear text.

    Learn more about our platform

    Network and application security


    We are committed to maintaining the highest security and compliance standards

    We encourage you to use SOC 2 reports to assess and address the risks associated with our technology services. These reports capture how we safeguard customer data and the effectiveness of our controls. Request access from us and, once proper precautions have been taken, you can view our results.

    To request a copy of the SOC 2 report, please contact Support. A non-disclosure agreement is required and will be sent for electronic signature.

    Request SOC 2 report


    Acceptable Use Policy

    To review Onna’s Acceptable Use Policy, which sets forth the acceptable use of the Onna Service, click here.


    The use of cookies is common practice with all professional websites. To learn about how we use cookies, please review our cookie policy.

    Data Processing Addendum

    The Data Processing Addendum (the “DPA”) is incorporated into the Master Subscription Agreement (the “Agreement”). Click here to learn more.

    Privacy Policy

    Our Privacy Policy discloses the ways that Onna uses, discloses, and manages individual’s data when they interact with our website or use the Onna Service. To learn more, click here.

    Privacy Shield Policy

    Privacy Shield is a framework for regulating transatlantic exchanges of personal data for commercial purposes between the European Union and Switzerland to the United States. Onna’s Privacy Shield Policy describes how we comply with these frameworks, handle certain types of data and information, and the Privacy Shield Privacy Principles. Click here to read our Privacy Shield Policy.


    Onna’s online Master Subscription Agreement describes the terms of service, rights, and other terms. Click here to review.

    Trusted by 100+ leading organizations

    Security questions?

    If you have a question or concern, please get in touch with our security team.