> ## Documentation Index
> Fetch the complete documentation index at: https://buttercms.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Data protection and encryption

> Learn how ButterCMS protects your data with encryption, backups, and comprehensive data security measures.

ButterCMS is a secure and compliant platform that provides security capabilities for businesses of all sizes. Your data is encrypted with AES-256 to safeguard your content. These security capabilities are crucial for protecting the integrity and confidentiality of your data.

## Encryption overview

Your data is encrypted at rest using AES-256, and in transit using TLS v1.2. This ensures that your content is protected whether it's stored in our databases or being transferred to and from your applications.

### Encryption standards

| Type           | Standard | Description                                     |
| -------------- | -------- | ----------------------------------------------- |
| **At Rest**    | AES-256  | Industry-standard encryption for stored data    |
| **In Transit** | TLS 1.2+ | Secure communication protocol for data transfer |
| **Backups**    | AES-256  | All backups are encrypted                       |
| **API Keys**   | Hashed   | API tokens are securely hashed in storage       |

<Info>
  **AES-256** (Advanced Encryption Standard with 256-bit key) is the same encryption standard used by governments and financial institutions worldwide. It would take billions of years to crack with current technology.
</Info>

## Encryption at rest

Content on ButterCMS is securely stored within ISO 27001-certified data centers. Data is safeguarded at rest through AES-256 encryption.

### What is encrypted at rest

All data stored in ButterCMS is encrypted:

| Data Type       | Encrypted | Notes                             |
| --------------- | --------- | --------------------------------- |
| **Content**     | Yes       | Pages, blog posts, collections    |
| **Media Files** | Yes       | Images, videos, documents         |
| **User Data**   | Yes       | Account information, profiles     |
| **API Tokens**  | Yes       | Hashed with additional protection |
| **Backups**     | Yes       | Daily backups fully encrypted     |
| **Logs**        | Yes       | Audit and access logs             |

### Database encryption

* **Storage Encryption** - All database storage volumes are encrypted
* **Key Management** - Encryption keys managed by AWS KMS
* **Automatic Rotation** - Keys are rotated according to security policies
* **Access Controls** - Encryption keys accessible only to authorized services

## Encryption in transit

Content is protected by AES-256 encryption both at rest and in transit. This ensures your data is protected throughout its lifecycle.

### Transport layer security (TLS)

All data transferred to and from ButterCMS is protected by TLS:

* **TLS 1.2 Minimum** - Older, insecure protocols are disabled
* **Strong Cipher Suites** - Only modern, secure ciphers are allowed
* **Certificate Management** - SSL certificates automatically managed and renewed
* **HSTS Enabled** - HTTP Strict Transport Security enforces HTTPS

### HTTPS enforcement

```text theme={null}
All ButterCMS endpoints require HTTPS:

✓ https://api.buttercms.com/v2/...
✓ https://cdn.buttercms.com/...
✓ https://buttercms.com/...

✗ http:// connections are rejected or redirected
```

<Warning>
  Never use unencrypted HTTP connections when accessing ButterCMS. All API calls must use HTTPS to ensure your data and API tokens are protected.
</Warning>

## Data backup & recovery

Redundancy is ensured with daily backups.

{/* SOURCE: file_path="blog-posts/gsd/sanity-vs-contentful-comparison.md" section="Security and compliance" */}

Your data is automatically backed up daily, ensuring its safety and providing peace of mind.

### Backup schedule

| Backup Type      | Frequency | Retention  | Description                |
| ---------------- | --------- | ---------- | -------------------------- |
| **Full Backup**  | Daily     | 30+ days   | Complete database snapshot |
| **Media Assets** | Real-time | Indefinite | S3 native redundancy       |

### Backup features

<CardGroup cols={2}>
  <Card title="Automatic" icon="clock">
    Backups run automatically with no action required from you
  </Card>

  <Card title="Encrypted" icon="lock">
    All backups are encrypted with AES-256
  </Card>

  <Card title="Redundant" icon="copy">
    Multiple copies stored across different regions
  </Card>
</CardGroup>

### Recovery capabilities

If you need to recover data:

1. **Version History** - Restore content to previous versions from the dashboard
2. **Support-Assisted Recovery** - [Contact support](../../support/contact-status/contact-support) for database-level recovery
3. **Enterprise Recovery** - Custom recovery options for enterprise customers

<Tip>
  ButterCMS includes built-in version history for content, allowing you to restore previous versions without needing database recovery.
</Tip>

## Data isolation

### Multi-tenant architecture

ButterCMS operates as a multi-tenant platform with strict data isolation:

| Isolation Layer        | Description                                            |
| ---------------------- | ------------------------------------------------------ |
| **Logical Separation** | Each customer's data is logically separated            |
| **Access Controls**    | API tokens provide account-level access only           |
| **Query Isolation**    | Database queries are scoped to customer accounts       |
| **Network Isolation**  | Internal services communicate through private networks |

### Customer data boundaries

* **No Cross-Customer Access** - Your data is never accessible to other customers
* **API Token Scoping** - Tokens only access your account's data
* **Audit Logging** - All data access is logged and auditable
* **Strict RBAC** - Role-based access within your organization

## Data retention

### Content retention

Your content remains in ButterCMS as long as your account is active:

| Data Type             | Retention     | Notes                      |
| --------------------- | ------------- | -------------------------- |
| **Published Content** | Indefinite    | Until you delete it        |
| **Draft Content**     | Indefinite    | Until published or deleted |
| **Deleted Content**   | 30 days       | Soft delete, recoverable   |
| **Version History**   | Based on plan | Varies by subscription     |
| **Media Assets**      | Indefinite    | Until you delete them      |

## Data privacy

### Data Processing

| Aspect             | ButterCMS Approach                |
| ------------------ | --------------------------------- |
| **Data Location**  | Primarily US-based (Heroku + AWS) |
| **Sub-processors** | AWS, Heroku, Fastly, Stripe       |
| **Data Transfer**  | Standard Contractual Clauses      |
| **DPA Available**  | Yes, for enterprise customers     |

### Your responsibilities

While ButterCMS secures the platform, you're responsible for:

* Content you store (avoid storing sensitive PII in content fields)
* User access management within your organization
* Compliance with your own regulatory requirements
* Implementing appropriate privacy notices for your end users

## API security

### API token security

* **Read vs Write Tokens** - Separate tokens for read and write operations
* **Token Rotation** - Regenerate tokens if compromised
* **Environment Separation** - Different tokens for staging/production
* **Secure Storage** - Never expose tokens in client-side code

<Warning>
  **API Token Best Practices:**

  * Store tokens in environment variables, not in code
  * Use read-only tokens for client-side applications
  * Keep write tokens server-side only
  * Rotate tokens periodically and after team member departures
</Warning>

### API usage limits

ButterCMS enforces monthly API usage limits to protect against abuse and ensure fair usage:

* **Free/Trial** accounts are blocked if monthly API call limits are exceeded
* **Paid** accounts use usage-based billing for overages instead of blocking
* **Enterprise** accounts use custom terms

## Security monitoring

Security is further fortified through vigilant threat detection, secure communication via HTTPS, and access control.

### Threat detection

* **Anomaly Detection** - Identify unusual access patterns
* **Intrusion Detection** - Monitor for unauthorized access attempts
* **Log Analysis** - Automated analysis of security events
* **Real-time Alerts** - Immediate notification of security events
