Widgetbook Cloud is ISO/IEC 27001 certified

Security your enterprise can build on — independently audited and verified.

We're happy to share a milestone we've been working toward for a while: Widgetbook Cloud is now ISO/IEC 27001 certified.

This certification is independent confirmation that we protect your data according to the highest internationally recognized security standard. Here's what that means and why it matters whether you're a two-person team or evaluating Widgetbook for a large enterprise.

What ISO 27001 actually is

ISO/IEC 27001 is the international standard for information security management. Rather than checking a fixed list of features, it certifies that an organization runs a complete Information Security Management System (ISMS): a systematic, risk-based way of identifying threats, applying the right controls, and continuously improving them.

The important word is independent. An accredited external auditor reviews how we actually operate our infrastructure controls, access management, vendor oversight, incident response, and the day-to-day discipline behind them, and measures them against the standard. And it isn't a one-time event: maintaining certification means recurring audits and ongoing risk assessments. Security is a practice, not a project.

Part of a broader trust program

The certification sits alongside the rest of the work we've put into making Widgetbook Cloud enterprise-ready:

• A Trust Center where you can review our security documentation in one place.

• A Data Processing Addendum built for teams handling data under GDPR, with Widgetbook acting as your processor under European law.

• A Master Services Agreement and Service Level Agreement for enterprise customers, setting out clear commitments on availability, support, and how we operate.

• Subprocessor transparency, so you always know which providers are involved in delivering the service.

As a company based in Germany, building to European data-protection expectations has been part of how we operate from the start. ISO 27001 formalizes and independently validates the practices we'd already built around it.

Why we did this now

When Widgetbook started, it was an open-source package for cataloging Flutter widgets. Today, Widgetbook has more than 400,000 monthly downloads and became the default for Flutter teams building their own custom design system. And Widgetbook Cloud became the UI review platform for teams of any scale. The larger the organisation, the higher is their bar for trust. As we helped more and more enterprises, "is this secure enough for us to depend on?" became a question we wanted to answer definitively, not case by case. ISO 27001 is that answer!

Where to learn more

If you're evaluating Widgetbook Cloud and need documentation for your security or compliance team, please check our Trust Center, and we're glad to share what you need directly.