Vanta Logo
Product
Products
Automated Compliance

Get (and stay) compliant with ease.

Continuous GRC

Join the modern way to GRC.

Vendor Risk Management

Streamline vendor security reviews.

Streamlined Audits

Simplify audits from start to finish.

Questionnaire Automation

Auto-fill security questionnaires.

Risk Management

Centralize risk, stay informed.

Trust Center

Demonstrate trust in real-time.

Personnel and Access

Manage compliance across employees.

Platform
Trust management platform

Deepen your security—and customer trust.

Vanta integrations

Sync with [integrations_count] tools.

Vanta AI ✨

Hand off your most tedious tasks.

Vanta API

Enhance your security and compliance automation.

frameworks
SOC 2
ISO 27001
GDPR
HIPAA
HITRUST CSF
USDP
NIST AI RMF
ISO 42001
CMMC
Custom frameworks
Additional frameworks
Solutions
Company size
Startup

Grow faster with automated compliance.

Mid-market

Expand security and compliance as you scale.

Enterprise

Build more trust in your established brand.

Find a partner
Service provider directory

Discover world-class service providers.

Auditor directory

Connect with top compliance auditors.

Integrations

Sync with [integrations_count] tools.

Partners
Partner program overview

Set yourself apart with Vanta.

Service providers

Build, scale, and grow your business.

Auditors

Elevate your clients' experiences.

The cover of the book revolutionizing risk how to manage risk with Vanta.

Revolutionize risk:How to manage risk with Vanta

Download the eBook
Customers
Plans
Resources
Resources
All resources

Find all your security and compliance content here.

Blog

Explore security trends and thought leadership.

Guides and reports

Find ebooks, checklists, whitepapers, and more.

Glossary

Get bite-sized definitions of the terms you need to know.

Events

Watch webinars and videos on trending security topics.

Collections
SOC 2 collection

Learn everything you need to know about SOC 2. 

ISO 27001 collection

Get the guide to ISO 27001 certification.

GRC collection

Implement a GRC program with ease. 

TPRM collection

Implement and optimize your TPRM program.

Trust collection

Get the guide to all things trust.

HITRUST collection

Get the guide to HITRUST certification.

Cyber Essentials collection

Get the guide to Cyber Essentials certification.

Customer Education
Help center

Find the help you need to get started with Vanta. 

Vanta Academy

Deepen your security knowledge and learn new skills. 

Community

Connect with fellow Vanta users and security experts.

Instructor-led training

Live, interactive training to help you master the product and progress quickly.

The State of Trust Report 2024

Get the report
Company
Company
About

Learn more about Vanta.

Careers

Join our team!

Security

Understand Vanta's security and compliance strategy.

Press

See the latest in Vanta news and press releases.

a purple background with a llama in the foreground with a rocket strapped to its back and a button to try Vanta AI

Introducing Vanta AI: Powering the future of trust management

Learn More
Product
Products
Automated compliance

Get (and stay) compliant with ease.

Continuous GRC

Join the modern way to GRC.

Vendor Risk Management

Streamline vendor security reviews.

Streamlined Audits

Simplify audits from start to finish.

Questionnaire Automation

Auto-fill security questionnaires.

Risk Management

Centralize risk, stay informed.

Trust Center

Demonstrate trust in real-time.

Personnel and Access

Manage compliance across employees.

Platform
Trust management platform

Deepen your security—and customer trust.

Vanta integrations

Sync with [integrations_count] tools.

Vanta AI ✨

Hand off your most tedious tasks.

Vanta API

Enhance your security and compliance automation.

frameworks
SOC 2
ISO 27001
GDPR
HIPAA
HITRUST CSF
USDP
NIST AI RMF
ISO 42001
CMMC
Custom frameworks
Additional frameworks
A purple background with the words live product demo.

Product Demo

Check out Vanta in action
Watch now
Vanta Platform
Trust management platform
Integrations network
Vanta AI ✨
Vanta API
Automate compliance
SOC 2
ISO 27001
GDPR
HIPAA
HITRUST e1
USDP
NIST AI Risk Management Framework
ISO 42001
Custom frameworks
Additional frameworks
Unify security program management
Risk management
Access management
Workspaces
Streamline security reviews
Trust Center
Questionnaire automation
Vendor risk management
A purple background with the words live product demo.

Product Demo

Check out Vanta in action
Watch now
Solutions
Company size
Startup

Grow faster with automated compliance. 

Mid-market

Expand security and compliance as you scale.

Enterprise

Build more trust in your established brand.

Find a Partner
Service provider directory

Discover world-class service providers.

Auditor directory

Connect with top compliance auditors.

Integrations

Sync with [integrations_count] tools.

Partners
Partner program overview

Set yourself apart with Vanta.

Service providers

Build, scale, and grow your business.

Auditors

Elevate your clients' experiences.

The cover of the book revolutionizing risk how to manage risk with Vanta.

Revolutionize risk:How to manage risk with Vanta

Download now
Customers
Plans
Resources
Resources
All resources

Find all your security and compliance content here.

Blog

Explore security trends and thought leadership.

Guides and reports

Find ebooks, checklists, whitepapers, and more.

Glossary

Get bite-sized definitions of the terms you need to know.

Events

Watch webinars and videos on trending security topics.

Collections
SOC 2 collection

Learn everything you need to know about SOC 2. 

ISO 27001 collection

Get the guide to ISO 27001 certification.

GRC collection

Implement a GRC program with ease. 

TPRM collection

Implement and optimize your TPRM program.

Trust collection

Get the guide to all things trust.

HITRUST collection

Get the guide to HITRUST certification.

Customer Education
Help center

Find the help you need to get started with Vanta. 

Vanta Academy

Deepen your security knowledge and learn new skills. 

Community

Connect with fellow Vanta users and security experts.

Instructor-led training

Live, interactive training to help you master the product and progress quickly

The State of Trust Report 2024

Get the report
Company
Company
About

Learn more about Vanta.

Careers

Join our team!

Security

Understand Vanta's security and compliance strategy.

Press

See the latest in Vanta news and press releases.

a purple background with a llama in the foreground with a rocket strapped to its back and a button to try Vanta AI

Introducing Vanta AI: Powering the future of trust management

Learn More
LoginRequest a demo
LoginRequest a Demo

Vanta GraphQL API Terms of Service

‍

‍

Last revised: March 30, 2022

‍

By accessing or using our APIs and other developer services (together, the “APIs”), you are agreeing to the terms below (the "Terms”). If You are entering into these Terms on behalf of a company, organization or another legal entity (an “Entity”), You are agreeing to these Terms for that Entity and representing to Vanta that You have the authority to bind such Entity and its Affiliates to these Terms, in which case the terms “Licensee”, “You”, “Your” or a related capitalized term herein shall refer to such Entity and its Affiliates. If You do not have such authority, or if You do not agree with these Terms, You must not accept this Agreement and may not access nor use the API. Capitalized terms used but not defined herein have the meaning ascribed to them in https://www.vanta.com/terms.

‍

The APIs are designed to help You enhance Your websites and applications ("API Client(s)"). YOU AGREE THAT VANTA MAY MONITOR USE OF THE APIS TO ENSURE QUALITY, IMPROVE VANTA PRODUCTS AND SERVICES, AND VERIFY YOUR COMPLIANCE WITH THE TERMS.

‍

Subject to these Terms, including the restrictions set forth below, Vanta grants to Licensee a non-exclusive, non-transferable, non-sublicensable, worldwide, revocable right and license during the Term to: use and make calls to the API solely for use by Licensee in connection with the Services. In order to use and access the API, Licensee must obtain API credentials (a “Token”). Licensee may not share its Token with any third party except as expressly permitted by the Vanta platform, shall keep such Token and all Login information secure, and shall use the Token as Licensee’s sole means of accessing the API. Licensee’s use of the APIs shall not substantially replicate products or services offered by Vanta. Licensee will respect and comply with the technical and policy-implemented limitations of the API and the restrictions of these Terms in using the APIs. Without limiting the foregoing, Licensee shall not intentionally violate any explicit rate limitations on calling or otherwise utilizing an API.

‍

You will not: (a) “frame,” distribute, resell, or permit access to the APIs by any third party other than as allowed by the features and functionality of the Services; (b) use the APIs in violation of applicable laws (including without limitation laws regarding the import or export of data or software, privacy, and local laws), or to encourage or promote illegal activity or violation of third party rights; (c) interfere with, disrupt, or gain unauthorized access to the APIs; (d) successfully or otherwise, attempt to: reverse engineer, discover the underlying source code or structure of, or copy the APIs; (e) transfer to the APIs or otherwise use on the APIs any code, exploit, or undisclosed feature that is designed to delete, disable, deactivate, interfere with or otherwise harm or provide unauthorized access to the APIs; (f) provide access to the APIs to an individual associated with a Vanta Competitor; or (g) extract information from the APIs in furtherance of competing with Vanta. A “Vanta Competitor” is any entity that provides the same or similar goods and services to those provided to Vanta, as would be determined by a commercially reasonable individual.

‍

Our communications to You and our APIs constitute Vanta confidential information. Vanta confidential information includes any materials, communications, and information that are marked confidential or that would normally be considered confidential under the circumstances. You agree that You will not disclose it to any third party without Vanta's prior written consent.

‍

EXCEPT AS EXPRESSLY SET OUT IN THE TERMS, VANTA DOES NOT MAKE ANY SPECIFIC PROMISES ABOUT THE APIS. FOR EXAMPLE, WE DON'T MAKE ANY COMMITMENTS ABOUT THE CONTENT ACCESSED THROUGH THE APIS, THE SPECIFIC FUNCTIONS OF THE APIS, OR THEIR RELIABILITY, AVAILABILITY, OR ABILITY TO MEET YOUR NEEDS. WE PROVIDE THE APIS "AS IS". EXCEPT AS EXPRESSLY PROVIDED FOR IN THE TERMS, TO THE EXTENT PERMITTED BY LAW, WE EXCLUDE ALL WARRANTIES, GUARANTEES, CONDITIONS, REPRESENTATIONS, AND UNDERTAKINGS.

‍

WHEN PERMITTED BY LAW, VANTA WILL NOT BE RESPONSIBLE FOR LOST PROFITS, REVENUES, OR DATA; FINANCIAL LOSSES; OR INDIRECT, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES RELATED TO THE APIS.

‍

TO THE EXTENT PERMITTED BY LAW, THE TOTAL LIABILITY OF VANTA FOR ANY CLAIM REGARDING THE APIS, INCLUDING FOR ANY IMPLIED WARRANTIES, SHALL IN NO EVENT EXCEED ONE HUNDRED U.S. DOLLARS ($100.00). ANY CLAIM ARISING OUT OF OR RELATING TO THE APIS MUST BE BROUGHT WITHIN ONE (1) YEAR OF THE FIRST EVENT OR OCCURRENCE GIVING RISE TO THE CLAIM. Some jurisdictions do not allow the exclusion of implied warranties or limitation of liability for incidental or consequential damages, which means that some of the above limitations may not apply to Licensee. IN THESE JURISDICTIONS, VANTA’S LIABILITY WILL BE LIMITED TO THE GREATEST EXTENT PERMITTED BY LAW.

‍

IN ALL CASES VANTA WILL NOT BE LIABLE FOR ANY EXPENSE, LOSS, OR DAMAGE THAT IS NOT REASONABLY FORESEEABLE.

‍

Unless prohibited by applicable law, You will defend and indemnify Vanta, and its affiliates, directors, officers, employees, and users, against all liabilities, damages, losses, costs, fees (including legal fees), and expenses relating to any allegation or third-party legal proceeding to the extent arising from:

  • Your misuse of the APIs;
  • Your violation of the Terms; or
  • any content or data routed into or used with the APIs by You or those acting on Your behalf.

The laws of California, U.S.A., excluding California's conflict of laws rules, will apply to any disputes arising out of or related to the APIs and ALL CLAIMS ARISING OUT OF OR RELATING TO THE TERMS OR THE APIS WILL BE LITIGATED EXCLUSIVELY IN THE FEDERAL OR STATE COURTS OF SAN FRANCISCO, CALIFORNIA, USA, AND YOU AND VANTA CONSENT TO PERSONAL JURISDICTION IN THOSE COURTS.

‍

Get compliant and build trust—fast

Request a demo
G2 Badge 2025 - Best Software | Top 50 Governance, Risk, & Compliance ProductsG2 Badge 2025 - Best Software | Top 50 Security ProductsG2 Badge 2025 - Best Software | Top 100 Best Software Products
Product
Automated ComplianceContinuous GRCVendor Risk ManagementStreamlined Audits
Questionnaire AutomationRisk ManagementTrust CenterPersonnel and Access
Frameworks
SOC 2ISO 27001GDPRHIPAAHITRUST CSF
USDPNIST AI RMFISO 42001Custom frameworksAdditional frameworks
Platform
Trust Management PlatformVanta integrationsVanta AI ✨Vanta API
Solutions
StartupMid-marketEnterprise
Customers
Customer storiesRelease notes
Become a partner
Partner program overviewService providersAuditors
Find a partner
Service provider directoryAuditor directoryIntegrations
Resources
All resourcesSOC 2 collectionISO 27001 collectionGRC collectionTPRM collectionTrust collectionHITRUST collectionCyber Essentials collection
Help centerVanta AcademyCommunityVanta for developers
Articles
SOC 2 complianceSOC 2 checklistISO 27001 certification
ISO 27001 documentationHIPAA checklistGDPR checklist
Company
About
Careers
HIRING
PressSecuritySystem statusSupport statusTrust center
Linkedin iconFacebook iconTwitter (X) iconYoutube icon
TermsPrivacy
Do Not Sell or Share My Personal Information
Modern Slavery Act Statement
© 2025 Vanta. All rights reserved
SOC 2 Type 2 Compliance Badge for VantaISO 27001 Compliance Badge for VantaGDPR Compliance Badge for Vanta