ButterCMS is a secure and compliant platform that provides security capabilities for businesses of all sizes. Your data is encrypted with AES-256 to safeguard your content. These capabilities protect the integrity and confidentiality of your data.
Encryption overview
Your data is encrypted at rest using AES-256, and in transit using TLS 1.2 or later. This ensures that your content is protected whether it is stored in our databases or being transferred to and from your applications.
Encryption standards
| Type | Standard | Description |
| --- | --- | --- |
| At Rest | AES-256 | Industry-standard encryption for stored data |
| In Transit | TLS 1.2+ | Secure communication protocol for data transfer |
| Backups | AES-256 | All backups are encrypted |
| API Keys | Hashed | API tokens are securely hashed in storage |
AES-256 (Advanced Encryption Standard with a 256-bit key) is the same encryption standard used by governments and financial institutions worldwide. Brute-forcing a 256-bit key is computationally infeasible with current technology.
Encryption at rest
Content on ButterCMS is securely stored within ISO 27001-certified data centers. Data is safeguarded at rest through AES-256 encryption.
What is encrypted at rest
All data stored in ButterCMS is encrypted:
| Data Type | Encrypted | Notes |
| --- | --- | --- |
| Content | Yes | Pages, blog posts, collections |
| Media Files | Yes | Images, videos, documents |
| User Data | Yes | Account information, profiles |
| API Tokens | Yes | Hashed with additional protection |
| Backups | Yes | Daily backups fully encrypted |
| Logs | Yes | Audit and access logs |
Database encryption
Storage Encryption - All database storage volumes are encrypted
Key Management - Encryption keys managed by AWS KMS
Automatic Rotation - Keys are rotated according to security policies
Access Controls - Encryption keys accessible only to authorized services
Encryption in transit
Content is protected by AES-256 encryption at rest and by TLS in transit. This ensures your data is protected throughout its lifecycle.
Transport layer security (TLS)
All data transferred to and from ButterCMS is protected by TLS:
TLS 1.2 Minimum - Older, insecure protocols are disabled
Strong Cipher Suites - Only modern, secure ciphers are allowed
Certificate Management - SSL certificates automatically managed and renewed
HSTS Enabled - HTTP Strict Transport Security enforces HTTPS
HTTPS enforcement
All ButterCMS endpoints require HTTPS:
✓ https://api.buttercms.com/v2/...
✓ https://cdn.buttercms.com/...
✓ https://buttercms.com/...
✗ http:// connections are rejected or redirected
Never use unencrypted HTTP connections when accessing ButterCMS. All API calls must use HTTPS to ensure your data and API tokens are protected.
Data backup & recovery
Your data is automatically backed up daily, providing redundancy and a known-good recovery point.
Backup schedule
| Backup Type | Frequency | Retention | Description |
| --- | --- | --- | --- |
| Full Backup | Daily | 30+ days | Complete database snapshot |
| Media Assets | Real-time | Indefinite | S3 native redundancy |
Backup features
Automatic - Backups run automatically with no action required from you
Encrypted - All backups are encrypted with AES-256
Redundant - Multiple copies stored across different regions
Recovery capabilities
If you need to recover data:
Version History - Restore content to previous versions from the dashboard
Support-Assisted Recovery - Contact support for database-level recovery
Enterprise Recovery - Custom recovery options for enterprise customers
ButterCMS includes built-in version history for content, allowing you to restore previous versions without needing database recovery.
Data isolation
Multi-tenant architecture
ButterCMS operates as a multi-tenant platform with strict data isolation:
| Isolation Layer | Description |
| --- | --- |
| Logical Separation | Each customer's data is logically separated |
| Access Controls | API tokens provide account-level access only |
| Query Isolation | Database queries are scoped to customer accounts |
| Network Isolation | Internal services communicate through private networks |
Customer data boundaries
No Cross-Customer Access - Your data is never accessible to other customers
API Token Scoping - Tokens only access your account’s data
Audit Logging - All data access is logged and auditable
Strict RBAC - Role-based access within your organization
Data retention
Content retention
Your content remains in ButterCMS as long as your account is active:
| Data Type | Retention | Notes |
| --- | --- | --- |
| Published Content | Indefinite | Until you delete it |
| Draft Content | Indefinite | Until published or deleted |
| Deleted Content | 30 days | Soft delete, recoverable |
| Version History | Based on plan | Varies by subscription |
| Media Assets | Indefinite | Until you delete them |
Data privacy
Data Processing
| Aspect | ButterCMS Approach |
| --- | --- |
| Data Location | Primarily US-based (Heroku + AWS) |
| Sub-processors | AWS, Heroku, Fastly, Stripe |
| Data Transfer | Standard Contractual Clauses |
| DPA Available | Yes, for enterprise customers |
Your responsibilities
While ButterCMS secures the platform, you’re responsible for:
Content you store (avoid storing sensitive PII in content fields)
User access management within your organization
Compliance with your own regulatory requirements
Implementing appropriate privacy notices for your end users
API security
API token security
Read vs Write Tokens - Separate tokens for read and write operations
Token Rotation - Regenerate tokens if compromised
Environment Separation - Different tokens for staging/production
Secure Storage - Never expose tokens in client-side code
API Token Best Practices:
Store tokens in environment variables, not in code
Use read-only tokens for client-side applications
Keep write tokens server-side only
Rotate tokens periodically and after team member departures
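A small client-side guard that applies the HTTPS-enforcement and token-handling guidance above, added here as an example (it is not ButterCMS code): the token is read from an environment variable, request URLs are built only over https:// to a ButterCMS host, and the token is scrubbed before anything reaches a log. The auth_token query parameter, the BUTTER_READ_TOKEN variable name and the token value are assumptions made for the example.

```python
import os
from urllib.parse import urlencode, urlsplit, urlunsplit

# Hosts the page lists as HTTPS-only endpoints.
ALLOWED_HOSTS = {"api.buttercms.com", "cdn.buttercms.com", "buttercms.com"}


class InsecureRequestError(ValueError):
    """Raised for plain http:// URLs or hosts outside ButterCMS."""


def load_token(env_var="BUTTER_READ_TOKEN", environ=None):
    """Read the API token from the environment, never from source code.
    `environ` is injectable so the check can run offline in a test."""
    environ = os.environ if environ is None else environ
    token = environ.get(env_var, "").strip()
    if not token:
        raise RuntimeError(f"{env_var} is not set; refusing to start")
    return token


def validate_url(url):
    """Accept only https:// URLs to ButterCMS hosts; http:// is rejected
    before any connection is attempted, so no token ever leaves in clear."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise InsecureRequestError(f"refusing non-HTTPS scheme {parts.scheme!r}")
    if parts.hostname not in ALLOWED_HOSTS:
        raise InsecureRequestError(f"unexpected host {parts.hostname!r}")
    return url


def build_request_url(path, token, params=None):
    """Build a v2 API URL carrying the token as the auth_token query parameter
    (assumed v2 convention). Scheme and host are fixed here so a typo can
    never downgrade the call to http://."""
    query = dict(params or {})
    query["auth_token"] = token
    path = "/v2/" + path.strip("/") + "/"
    return validate_url(urlunsplit(("https", "api.buttercms.com", path, urlencode(query), "")))


def redact(text, token):
    """Scrub the token before a URL or error message reaches a log line."""
    return text.replace(token, "[REDACTED]") if token else text


if __name__ == "__main__":
    env = {"BUTTER_READ_TOKEN": "constructed-read-token-123"}  # constructed, not a real token
    tok = load_token(environ=env)
    print(redact(build_request_url("posts", tok, {"page_size": 10}), tok))
```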
API usage limits
ButterCMS enforces monthly API usage limits to protect against abuse and ensure fair usage:
Free/Trial accounts are blocked if monthly API call limits are exceeded
Paid accounts use usage-based billing for overages instead of blocking
Enterprise accounts use custom terms
Security monitoring
Security is further fortified through vigilant threat detection, secure communication via HTTPS, and access control.
Threat detection
Anomaly Detection - Identify unusual access patterns
Intrusion Detection - Monitor for unauthorized access attempts
Log Analysis - Automated analysis of security events
Real-time Alerts - Immediate notification of security events