At LambdaTest, we deeply value our user's privacy. We will put our best foot forward to protect and defend it. We truly believe in being transparent with our users so that both people and organizations can control their data and have the freedom to decide how their data can be used. We will empower and strongly defend the privacy choices of every customer who uses our platform.

In this period of rapid technological and regulatory change, it has never been more important to take a considered approach to protect personal data. From the European General Data Protection Regulation (GDPR) to new US state laws like the California Consumer Privacy Act (CCPA), we know how much effort it takes to assess and manage privacy risks. That’s why LambdaTest builds its products & services with an eye toward minimizing that effort for our customers.

Our Cloud Testing Platforms provide industry-leading functionality with a minimal collection of personal data and an emphasis on security. Privacy and security considerations are baked directly into our product development process so customers can focus on things that matter the most,i.e. their tests.


LambdaTest prioritizes customer trust. We know that the security and integrity of customer data are important to our customers’ values and operations.

LambdaTest’s Commitment to Privacy & Data Protection

We're committed to protecting and honoring your privacy and rights through our product, infrastructure, and data governance practices.

We have a comprehensive global privacy and data protection compliance program that aligns our practices with regulations such as the General Data Protection Regulation, California Consumer Privacy Act, and other applicable privacy and data protection laws/acts, which take a unified approach to privacy and information governance to give Customers. LambdaTest helps customers maintain control of their privacy and data security in a myriad of ways:

  • Product Security
  • Cloud Security
  • Data Security
  • Application Security
1. Authentication Security
2. Additional Product Security Features

Authentication Options

LambdaTest has several different authentication options: users can enable LambdaTest platform authentication, integrating in test scripts, integrating with GitHub, etc. And, also Single sign-on (SSO), and/or Enterprise SSO (SAML,) for user authentication options available.

Learn about user access arrowLearn about GitHub Integration arrowLearn about SSO arrow

2-Factor Authentication (2FA)

LambdaTest authentication for platforms available through the Manage Team offers 2-factor (2FA) authentication as well.

Service Credential Storage

LambdaTest follows secure credential storage best practices by never storing passwords in human-readable format and only as the result of a secure, one way hashing with a random salt using industry-standard techniques.

Frequently asked questions

1. What type of Data Does LambdaTest Process and Store?
LambdaTest processes and stores two categories of data from its Customers while providing LambdaTest Services.
  • LambdaTest Account data
  • Test execution data
2. What is LambdaTest Account data?
The first category of data is any PII other than 'Test execution data' provided by the Customer during the Services and includes PII to any employee, user, or customer personnel. We refer to this data as 'LambdaTest Account data.' PII contains names and email addresses.
3. What is Test execution data?
The second category of data is any information, including PII, which is stored and processed in or transmitted via the LambdaTest platform by, or on behalf of, our Customer. We refer to this data as 'Test execution data'
The second category of data consists of the data that our Customers uploaded to our Platform, or our Platform otherwise accesses that in the course of testing applications, reports, tests, networks, browsers process logs, other artifacts, authentication, licensing, and test execution metadata (e.g., test status, duration, name, browsing sessions, search history) and other information that Customers may provide during testing
In general, ‘Test execution data' means data stored or processes for delivery of Services we provide as a data processor and includes data stored for backup as well. 'Test execution data' need not contain any identifiable PII and sensitive PII regarding customer personnel, customers, end-users, or other third parties.
Please note that LambdaTest does not collect, nor does it require, any identifiable PII or sensitive data by default for its functioning.
From a privacy perspective, the Customer is the controller of Test execution data, and LambdaTest is a processor. This means that throughout the time that a customer subscribes to services with LambdaTest, the Customer retains ownership of and control over Test execution data in its account.
Test execution data’ means data stored for delivery of services we provide as a data processor and includes data stored for backup. LambdaTest hosts its products and associated data on Amazon Web Services (AWS) and Microsoft Azure (Azure) data center, qualified by global IT standards and regulations.
LambdaTest can host the data in the below-mentioned AWS locations (called regions as per AWS)
CountryCityAWS Region
USAVirginiaUS East 1
USAOhioUS East 2
USACaliforniaUS West 1
USAOregonUS West 2
EU/EEAFrankfurtEU Central 1
EU/EEAIrelandEU West 1
EU/EEALondonEU West 2
EU/EEAParisEU West 3
AustraliaSydneyAsia Pacific SouthEast 2
SingaporeSingaporeAsia Pacific SouthEast 1
IndiaMumbaiAsia Pacific South 1
All the backups are created in the corresponding region. All the backups are available in three Availability zones. These backups are taken using the AWS backup service.
LambdaTest can host the data in the below-mentioned Microsoft Azure locations (called regions as per Azure).
CountryCityAWS Region
USAVirginiaUS East
EUFrankfurtEU Central
4. Who owns the Test data and control?
From a privacy perspective, the customer is the controller of the Test execution data, and LambdaTest is a processor. This means that throughout the time that a customer uses services with LambdaTest, the customer retains ownership of and control over Test execution data in its account.
5. Who are LambdaTest Sub-Processors?
LambdaTest may use sub-processors and third-party companies to provide, secure, or improve the services. LambdaTest maintains an up-to-date list of the names and locations of all sub-processors, available at our Sub-Processor list. The list includes the ability for our customers to sign up for notifications of any changes. LambdaTest shall be responsible for the acts and omissions of sub-processors to the same extent that LambdaTest would be responsible if LambdaTest performed each sub-processor's services directly.
6. What steps does LambdaTest take to secure Test execution data?
LambdaTest prioritizes data security and combines enterprise-class security features with comprehensive audits of our applications, systems, and networks to ensure customer and business data is always protected.
For example, LambdaTest servers are hosted at Tier IV or III+, SSAE-16, PCI DSS, or ISO 27001 compliant facilities. Additionally, we engage third-party security experts to perform detailed penetration tests on a periodic basis, and our Customer Success support team is on call 24/7 to respond to security alerts and events.
7. How does LambdaTest notify Customers of a Security Incident?
LambdaTest has processes established for early identification and reporting of incidents /breaches. Accordingly, as data controllers, we notify the concerned Data Protection Authority of a breach within 72 hours after we become aware of it. Depending on specific requirements, we will notify customers when necessary.
As data processors, we inform the concerned data controllers without undue delay. The Data Protection Officer is responsible for reporting security incidents /breaches to customers.
Customers will have a dedicated Customer Success Manager who will be the SPOC for reporting. The account owner/admin of the Customer’s LambdaTest platform will be notified of any security incident that has an impact on the Customer. If there are any email DLs, we will also be able to report the same. We are happy to contractually agree on such requirements with a mutual concurrence.
8. How does LambdaTest Respond to Information Requests?
LambdaTest recognizes that privacy and data security issues are top priorities for customers.
  • LambdaTest does not disclose any Customer data except as necessary to provide its services to its customers and comply with the law as detailed in our Privacy Policy found here
  • LambdaTest has achieved a number of internationally-recognized certifications and accreditations demonstrating compliance with third-party assurance frameworks as described on our Security site.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose personal data to respond to subpoenas, court orders, or legal processes, or, to establish or exercise our legal rights or defend against legal claims.
We may also share such information with relevant law enforcement agencies or public authorities if we believe the same to be necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.