Secure platform, secure infrastructure, secure data

Your data is sensitive.  We are constantly improving our security, compliance and audit initiatives with your trust in mind.


We ensure Patch meets industry standard compliance.


We use industry best practices to secure Patch’s services.


We train every employee on security and privacy policies.


We develop products with security, privacy & quality in mind.


We comply with global privacy laws and security standards

SOC 2 Type II Certified

Patch’s  SOC 2 Type II report includes the trust services categories of Security, Confidentiality, and Availability, and is audited annually.

HIPAA Compliance

Patch is HIPAA compliant.

GDPR Compliance

Patch is GDPR Compliant.

CCPA Compliance

Patch is CCPA Compliant.


Secure-by-design, Patch is built to protect your most sensitive data

Secure infrastructure provider

We host all of our data in physically secure, U.S.-based leading cloud provider facilities that include 24/7 on-site security, camera surveillance, and more.

Strict access controls

Access to all Patch systems is managed through our identity provider, which automates user provisioning, enforces passwordless MFA, and logs all activity.

Server security & monitoring

All servers are configured using a documented set of security guidelines, and images are managed centrally. Changes to the company’s infrastructure are tracked, and security events are logged appropriately.


Employees are vetted and trained on security practices

Formal security policies and incident response plan

Patch maintains a set of comprehensive security polices that are kept up to date to meet the changing security environment. These materials are made available to all employees during training and through the company’s knowledge base.

Continuous security training

Patch provides continuous education on emerging security threats, performs phishing awareness campaigns, and communicates with employees regularly.


Development practices have security and quality checks built-in

Development and change management process

Code development is done through a documented SDLC process, and every change is tracked via GitHub. Automated controls ensure changes are peer-reviewed and pass a series of tests before being deployed to production.

Third-party vendor security review process

We ensure that all of our third-party apps and providers meet our security data protection standards before using them.

For app developers

Production APIs, not SQL

REST, GraphQL or gRPC. Access your company’s data with the same API types as the rest of your application, using the client of your choice.

Deployed immediately. No need to wait for infrastructure teams to stand up pipelines and databases before you can start coding.

Create a Dataset -->

The missing developer platform for the data warehouse

Patch provides compute spend attribution & cost-limited quotas to help your team build responsibly. Create apps of all kinds with fast, secure APIs and complexity-reducing SDKs.

Develop any application

Notifications, CRMs, billing, marketing automation, incident response, inventory management, and so much more.

Ribbon with a database, Slack, and email icon.

Enterprise-grade security

Password-less MFA and tenant-isolated architecture ensures data is safe & secure.

Screenshot of an iphone authentication app.

Get started in minutes

Patch Connect makes it easy for end users to request access to the data warehouse and for DBAs to grant it.

Reduce your compliance burden

Patch's credential storage, access management, and object graph API makes it easy to limit your compliance exposure.

A Data Team and GTM team collaboration graphic.

Thank you! We will reach out shortly with onboarding instructions.
Oops! Something went wrong while submitting the form.

By providing, I agree to the Terms of Use and Privacy Policy