// Trust & Security Report
LangChain Inc.
LangSmith agent engineering platform (Observability/tracing, Evaluation, Deployment/agent server, Fleet enterprise agent orchestration, LangSmith Engine, Sandboxes) plus the open-source LangChain, LangGraph and deepagents frameworks
Certifications held
3
Maturity
Growth
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on trust.langchain.com“Compliance SOC 2 Type II GDPR HIPAA ... Audit Reports 2025 SOC 2 Type 2 LangChain Audit Report.pdf”
Verify on docs.langchain.com“LangSmith complies with the General Data Protection Regulation (GDPR) and other laws and regulations applicable to the LangSmith service.”
> Show 5 unconfirmed / not-held certifications
source: trust.langchain.comno public evidence: the vendor's own Trust Center lists exactly three items under 'Compliance' (SOC 2 Type II, GDPR, HIPAA); ISO 27001 does not appear anywhere on trust.langchain.com, the regions FAQ, or the privacy policy. A third-party comparison blog (confident-ai.com, not a vendor-controlled domain) claims LangSmith Enterprise includes 'ISO 27001 certification,' but this is not corroborated on any langchain.com/langchain.dev property and is treated as unverified.
source: trust.langchain.comNo public evidence of a LangChain-held PCI DSS attestation. Stripe is listed as a subprocessor 'to provide payment processing services for self-serve customers'; card-data handling is delegated to Stripe (Stripe's own PCI compliance), not a LangChain certification.
source: trust.langchain.comno public evidence: not listed on trust.langchain.com's Compliance section or resources list at time of review.
source: trust.langchain.comno public evidence found on trust.langchain.com or via search.
source: trust.langchain.comno public evidence found; not referenced on trust.langchain.com or in LangSmith docs.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
Multi-region hosting: US (GCP US, AWS US), EU (GCP EU), and APAC (GCP EU/APAC per docs), selectable per organization at signup; a single org cannot currently split workspaces across regions. Primary personal-information processing occurs in the United States per the general privacy policy; DPA available via DocuSign for customers needing one.
LangSmith is a developer/observability platform, not a foundation-model provider, and no vendor page states it trains its own models on customer traces/data. LangSmith's in-product AI features (LangSmith Engine, Fleet) route requests to third-party model providers listed as subprocessors -- OpenAI, Anthropic, Fireworks, Baseten -- 'to provide AI model inference services'; the trust center states these features using LangChain-managed keys are 'opt-in for enterprise customers.' Customers can also bring their own model provider keys. No explicit blanket 'we do not train on your data' statement was found on the privacy policy itself, so buyers with strict no-train requirements should get this confirmed contractually (DPA) rather than relying on marketing copy.
// Security controls
Encryption
Trust Center Product Security controls list 'Data encryption utilized' as an implemented control.
trust.langchain.comPenetration testing
Independent pentest performed annually; 'Assessments: 2026 LangSmith Pentest Exec Summary.pdf' available via the Trust Center, and 'Penetration testing performed' listed as an active Product Security control.
trust.langchain.comAccess control / auth
'Unique account authentication enforced' and 'Access control procedures established' are listed Infrastructure Security controls; SSO and SCIM provisioning are addressed in the Trust Center FAQ ('Do you support Single Sign-On (SSO)?', 'Do you support SCIM Provisioning?').
trust.langchain.comBusiness continuity / DR
'Continuity and Disaster Recovery plans established' and 'tested annually'; cybersecurity insurance maintained (per Internal Security Procedures controls list).
trust.langchain.comEmployee vetting
'Employee background checks performed' and 'Anti-malware technology utilized' listed under Organizational Security controls.
trust.langchain.comSubprocessor transparency
Public subprocessor list on the Trust Center (Google Cloud Platform, AWS, ClickHouse, Supabase for core infra; OpenAI, Anthropic, Fireworks, Baseten for opt-in AI-inference features; Pylon for support ticketing; Stripe for payments), with proactive email disclosure of subprocessor changes (e.g. the '2026 May Subprocessor Updates' notice).
trust.langchain.comIncident transparency
Trust Center publishes named third-party incident advisories with explicit no-impact conclusions for LangSmith, e.g. the April 2026 Vercel security incident and the March 2026 Axios npm supply-chain compromise, plus a self-reported API-key exposure/revocation advisory tied to a supply-chain credential-harvesting campaign (March 28, 2026), stating no evidence of unauthorized customer data access in any of the three events.
trust.langchain.com// Products & data scope
data: Ingests customer application traces, prompts, and outputs sent by the customer's own agent/SDK integrations; region-selectable at signup (US/EU/APAC).
Core paid product; in scope for the current SOC 2 Type II report per the Trust Center.
data: Processes captured traces converted into eval datasets; may use LLM-as-judge calls to model providers for scoring.
Same infrastructure and compliance scope as core LangSmith.
data: Hosts customer agent state, conversational threads, and durable checkpoints in production.
Higher data-sensitivity tier since it runs production agent workloads, not just telemetry.
data: Acts across a company's internal tools with 'enterprise security and admin' controls; can use LangChain-managed model keys (opt-in) which route data to OpenAI/Anthropic/Fireworks/Baseten as subprocessors.
Highest data-exposure product line; confirm subprocessor opt-in settings and BYO-key options before enabling for sensitive workloads.
data: Analyzes production traces and code to diagnose failures and propose fixes; disclosed as using the same AI-inference subprocessors.
Newer AI-powered feature; opt-in for enterprise per the May 2026 subprocessor notice.
data: Self-hosted/self-run code; no customer data passes through LangChain Inc. infrastructure unless the developer also connects LangSmith.
Not covered by LangSmith's compliance certifications since no data is processed by LangChain as a service in this mode; compliance scope only applies once LangSmith tracing/hosting is connected.
data: Runs in-browser and connects directly to the developer's local Agent Server; per LangChain docs, private data 'is not sent to LangSmith' in this mode.
Lowest data-exposure product; useful for privacy-sensitive local development.
// What to watch
- ISO 27001 over-claim risk: a third-party (non-vendor) marketing/comparison page states LangSmith Enterprise includes ISO 27001 certification, but this is not corroborated anywhere on trust.langchain.com, langchain.com, or docs.langchain.com, which list only SOC 2 Type II, GDPR, and HIPAA under Compliance. Graded ISO 27001 held=false; flag this discrepancy if it resurfaces in vendor sales conversations.
- HIPAA/BAA is tier-gated: independent reporting indicates LangChain only signs Business Associate Agreements with customers on the Enterprise plan, so 'HIPAA compliant' should not be presented as available to free/Plus-tier customers without a BAA.
- AI-inference subprocessors (OpenAI, Anthropic, Fireworks, Baseten) were added for in-product AI features (LangSmith Engine, Fleet) in mid-2026 and are opt-in for enterprise customers using LangChain-managed keys; buyers with strict data-flow requirements should confirm opt-in status and BYO-key configuration per workspace.
- Several trust-center detail pages (e.g.
- The general company privacy policy (langchain.com/privacy-policy) does not itself restate the SOC 2/HIPAA/GDPR posture or explicitly rule out AI training on customer data; that posture is documented on the separate Trust Center property (trust.langchain.com) and LangSmith-specific docs instead.
// At a glance
Pricing model
Freemium SaaS (LangSmith free tier + paid Plus/Enterprise tiers, usage/seat-based); open-source frameworks (LangChain, LangGraph, deepagents) are free and self-hosted
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on LangChain Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.langchain.com