Secure by design
What is Warp?
Warp is a cloud-enabled, AI-assisted terminal application for developers that enables teams to share knowledge and collaborate asynchronously or in real-time alongside the command line.
Warp’s cloud-enabled features include:
- Warp Drive
- Warp AI
- Block Sharing and Embedding
For Warp Drive and block sharing and embedding, all data is securely stored in Google Cloud Platform (GCP). For more information about GCP security, please reference: https://cloud.google.com/security
For Warp AI, all data is sent through a proxy to OpenAI using the enterprise-level GPT-4 APIs. Data is encrypted in transit and never used to train OpenAI models. OpenAI stores this data for a maximum of 30 days.
You can read more about OpenAI’s API data policies on their website: https://openai.com/enterprise-privacy
You can also open Warp’s network log to review all data sent and received: https://docs.warp.dev/features/network-log
Compliance
Warp is currently in the process of attaining SOC 2 Type 2 attestation from an accredited third party. Once this attestation is obtained, it will be renewed annually.
Yes, Warp is committed to maintaining ongoing compliance with General Data Protection Regulation (GDPR). Warp sends communications under the bases of legitimate interest and respects customer consent. Users of Warp may request to have their data deleted at any time.
Privacy Settings and Telemetry
Warp’s privacy policy is available on Warp’s website at: https://www.warp.dev/privacy/policy
For organizations using Warp’s enterprise plan, additional controls may be available to:
- Enforce enabling or disabling telemetry
- Enforce enabling or disabling Warp AI
- Enforce enabling or disabling secret redaction
If your organization has additional security requirements, Warp may work with you to administer controls upon request. You can contact your Dedicated Account Manager or sales@warp.dev for more information.
Warp never collects input or output data from the terminal console. Users may opt out of telemetry at anytime.
Warp’s telemetry includes both high-level application analytics and crash reporting. Users may choose to disable either type of telemetry at any time.
Crash reports help the Warp team debug stability issues. App analytics include only high-level usage data to help the Warp team understand which features are utilized by users, to inform the product road map and improve the user experience.
You can find a full, updated list of all the features Warp’s product team tracks with app analytics in the Warp Docs:
https://docs.warp.dev/getting-started/privacy#what-telemetry-data-does-warp-collect-and-why
Data
Any data supplied to Warp by users or companies is stored on Google Cloud Platform. Database locations are in the United States.
For more information about GCP security, please reference: https://cloud.google.com/security
You own your data that is securely stored on Google Cloud Platform servers by Warp. You may delete your data at any time. Data provided to Warp is never sold to third parties. Reference Warp’s privacy policy: https://www.warp.dev/privacy/policy
All data is encrypted at rest with AES 256 or higher. All data is encrypted in transit with TLS 1.3.
Authentication
Warp supports authentication with a username and password or single sign-on (SSO) through Google or GitHub.
For teams on Warp’s enterprise plan, additional authentication controls may be available. For example, you may enforce single sign-on through a provider such as Okta or enforce domain verification for all members of a team. You can contact your Dedicated Account Manager or sales@warp.dev for more information.
Permanent Contact Information
Yes, you may contact Warp at security@warp.dev for security questions or sales@warp.dev for questions about contracts.
740 Broadway
Suite 802
New York, NY 10003