Trust Center
To fulfill our mission of improving people’s lives with the world’s best transportation, we must ensure that riders and drivers trust us to use data and personal information responsibly. We work hard to earn and keep that trust by investing in cybersecurity and data privacy.
Lyft’s multifaceted cybersecurity effort is led by our Security & Privacy Teams. This team supports the assessment and mitigation of cybersecurity business risk across Lyft in partnership with cross functional company stakeholders. In the ever-changing landscape of cybersecurity threats, Lyft’s security team is responsible for building safeguards and detecting and responding to such threats while enabling the business to thrive. We continually monitor and validate critical assets to improve our protection.
See “Compliance Programs” for a list of areas where we invest in programmatic compliance.
See https://www.lyft.com/privacy for Lyft's publicly available Privacy Policy.
For additional questions or concerns please reach out to customer-trust@lyft.com or your Sales/Account representative.
United Airlines
Alaska Airlines
Airbnb
Salesforce
Blue Cross Blue Shield
GSA
Humana
AARP
Mercedes-Benz
University of Southern California
University of Colorado Boulder
Auburn University
SOC 2 Type II Report
Lyft's 2026 SOC 2 Type II compliance audit has been completed and new audit report is now available!
Lyft's 2025 SOC 2 Type II compliance audit has been completed and new audit report is now available! This year, we added CONFIDENTIALITY TSC into SOC 2 scope.
Lyft's 2024 SOC 2 Type II compliance audit has been completed and new audit report is now available!
Lyft Business Pentest Report
The most recent Lyft Business Pentest Report (2025 Jan) is now available!
PCI-DSS v4.0 Attestation
Lyft's 2024 PCI-DSS v4.0 assessments have been completed and new Attestations of Compliance (AoC) are now available!
Lyft's 2023 PCI-DSS v4.0 assessment has been completed and new Attestation of Compliance (AoC) is now available!