BigCommerce achieves two new certifications

Latest certifications provide transparency into the company’s security, privacy and compliance posture

BigCommerce (Nasdaq: BIGC), a leading Open SaaS ecommerce platform for fast-growing and established B2C and B2B brands, today announced it has successfully achieved two new certifications for compliance with privacy and business continuity standards issued by the International Organization for Standardization (ISO). These new certifications complement BigCommerce’s existing certifications for information security and reflect the company’s commitment to the security, privacy and resilience of its trusted enterprise ecommerce platform.

“At BigCommerce, we take our duty to safeguard the data of our merchants very seriously. Our achievement of both ISO 27701 and 22301 certifications illustrates our unwavering commitment to ensuring the security, privacy and resilience of our platform,” said Brian Dhatt, chief technology officer at BigCommerce. “These new certifications complement our existing certifications for information security, demonstrating our dedication to meeting the highest standards in the industry. We want our merchants and prospects to know that we are fully dedicated to securing their data, and that the BigCommerce platform is architected and operated in a secure and reliable manner.”

ISO 27701 is a leading privacy certification based on the recognized international standard for privacy information management systems, which outlines controls and processes for managing data privacy and protecting personally identifiable information. ISO 27701 certification reflects BigCommerce’s commitment to ensuring that the company does not use, disclose or retain platform personal data except as authorized by our merchants. This standard is aligned with the General Data Protection Regulation (GDPR).

ISO 23301 is a leading business resilience certification based on the recognized international standard for business continuity management systems, which outlines controls and processes for managing business resilience.

Both certifications required verification by an external auditor to confirm that BigCommerce implements and maintains a comprehensive set of policies, procedures and controls that meet the stringent requirements issued by the ISO. Qualified independent audit firm Coalfire awarded the certifications after an arduous audit of BigCommerce policies, procedures and controls against the specific requirements of ISO 27701 and 22301.

“The world’s enterprise merchants need to know they can trust their ecommerce platform,” Dhatt said. “It’s exceedingly rare for top enterprise-capable platforms to achieve both ISO 27701 and 22301 certifications.”

BigCommerce’s ISO 27701 and ISO 22301 certifications are the latest in a series of investments that BigCommerce is making to its information security, data privacy and business resiliency practices. BigCommerce has held its ISO 27001 certification since 2019, and first achieved compliance with SOC 1 Type 2, SOC 2 Type 2 and SOC 3 standards in 2022. BigCommerce is committed to regularly undergoing independent, qualified, third-party audits to verify the company’s information protection policies and practices meet the expectations of its most discerning customers.

Additional information about BigCommerce’s third-party certifications, and to better understand how they fit into the company’s broader data protection and business resilience strategies, is available at the BigCommerce Platform Trust Center at

Stay Ahead of the Game with MTC Podcast

Previous ArticleNext Article