Trust Center

Start your security review
Search items
ControlK

To fulfill our mission of improving people’s lives with the world’s best transportation, we must ensure that riders and drivers trust us to use data and personal information responsibly. We work hard to earn and keep that trust by investing in cybersecurity and data privacy.

Lyft’s multifaceted cybersecurity effort is led by our Security & Information Security Teams. This team supports the assessment and mitigation of cybersecurity business risk across Lyft in partnership with cross functional company stakeholders. In the ever-changing landscape of cybersecurity threats, Lyft’s security team is responsible for building safeguards and detecting and responding to such threats while enabling the business to thrive. We continually monitor and validate critical assets to improve our protection.

We have a team of experienced analysts and software engineers dedicated full time to privacy, working to ensure that personal information is properly handled at all times. The team develops the policies, processes, and technical infrastructure to support our Privacy by Design philosophy, mitigate privacy risk, and honor our privacy commitments.

See “Compliance Programs” for a list of areas where we invest in programmatic compliance.

For additional data compliance requests, questions or concerns please reach out to [email protected] or your Sales/Account representative.

GSA-company-logoGSA
Salesforce-company-logoSalesforce
Slack-company-logoSlack
Humana-company-logoHumana
AARP-company-logoAARP
Mercedes-Benz-company-logoMercedes-Benz
University of Southern California-company-logoUniversity of Southern California
University of Colorado Boulder-company-logoUniversity of Colorado Boulder
Auburn University-company-logoAuburn University

Compliance Artifacts

Pentest Report

Trust Center Updates

SOC 2 Type II Report

ComplianceCopy link

Lyft's 2024 SOC 2 Type II compliance audit has been completed and new audit report is now available!

Published at N/A

PCI-DSS v4.0 Attestation

ComplianceCopy link

Lyft's 2023 PCI-DSS v4.0 assessment has been completed and new Attestation of Compliance (AoC) is now available!

Published at N/A*

If you need help using this Trust Center, please contact us.

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo