Introduction

Security and compliance

At Uploadcare we honor the safety of personal and business-sensitive information and implement compliancy with GDPR, HIPAA and other standards and regulations. Uploadcare provides you with advanced privacy features to upload, access and manage your content in a secure way.

Signed uploads

Control who and when can upload files. It prevents from uploading files using a Public API key only. You’ll have to generate a security token on the backend to upload a file. Signed uploads work for a particular Uploadcare project.

Signed URLs

Control who and when can request files. Enabling this feature limits access to your project files. A user will require a token from your backend to access the content. Signed URLs work in conjunction with custom domains.

AWS S3 storage

Uploadcare allows you to upload files directly to your own AWS S3 storage.

Malware protection

Enable malware checking for all uploaded files.

SVG validation

Uploadcare’s automatic SVG file verification feature protects against potential security vulnerabilities. SVG files containing JavaScript code can pose a significant risk. If JavaScript is found inside the SVG file, it will be rejected from uploading.

By default, this feature is disabled.

You can enable SVG validation for your project in the Dashboard. Once this feature is enabled, all newly uploaded files will be validated.

This option is available on paid plans.

Search engine indexing

Restrict search engines to analyze and index content in your project for global search: image and text. Setup search engine indexing behavior for each of your projects.

Signed webhooks

Control who and when can call your webhook endpoint (URL). Without verification, anyone can spoof a request sent to the webhook URL. The solution is to sign each webhook payload with a secret.

HIPAA guide

HIPAA is US legislation providing data privacy and security provisions for safeguarding electronic protected health information (ePHI). On our Enterprise plan, Uploadcare can be configured to support HIPAA compliant workflow.

Compliance

Uploadcare is committed to complying with industry-standard privacy and security measures and all applicable laws and regulations to keep customer and end-user data safe and secure: SOC 2, HIPAA, GDPR. Learn more about it in our Trust Center.