To fulfill our mission of improving people’s lives with the world’s best transportation, we must ensure that riders and drivers trust us to use data and personal information responsibly. We work hard to earn and keep that trust by investing in cybersecurity and data privacy.
Lyft’s multifaceted cybersecurity effort is led by our Security & Information Security Teams. This team supports the assessment and mitigation of cybersecurity business risk across Lyft in partnership with cross functional company stakeholders. In the ever-changing landscape of cybersecurity threats, Lyft’s security team is responsible for building safeguards and detecting and responding to such threats while enabling the business to thrive. We continually monitor and validate critical assets to improve our protection.
We have a team of experienced analysts and software engineers dedicated full time to privacy, working to ensure that personal information is properly handled at all times. The team develops the policies, processes, and technical infrastructure to support our Privacy by Design philosophy, mitigate privacy risk, and honor our privacy commitments.
See “Compliance Programs” for a list of areas where we invest in programmatic compliance.
For additional data compliance requests, questions or concerns please reach out to [email protected] or your Sales/Account representative.
Trust Center Updates
Lyft's 2024 SOC 2 Type II compliance audit has been completed and new audit report is now available!
Lyft's 2023 PCI-DSS v4.0 assessment has been completed and new Attestation of Compliance (AoC) is now available!
If you need help using this Trust Center, please contact us.
If you think you may have discovered a vulnerability, please send us a note.