New Relic has obtained certifications from independent, third-party auditing organizations, such as SOC2, ISO27001, and HITRUST to ensure compliance with data protection regulations. The company's Data Privacy Framework (DPF) certification under the EU-U.S. Data Privacy Framework (including Swiss- U.S. Privacy Framework and UK Extension to the DPF) has been formally approved by the United States Department of Commerce. This framework introduces new binding safeguards to address concerns raised by the CJEU, including limiting access to personal data by US intelligence services to what is necessary and proportionate. New Relic processes limited personal data, primarily telemetry data relevant to assessing technical performance, and employs strong technical and administrative security measures to protect customer data. The company's pre-signed Data Processing Agreement (DPA) explains how New Relic would process law enforcement requests pertaining to personal data in the event of a national security agency contact. With its robust compliance programs and certifications, New Relic supports customers in meeting their data controller obligations efficiently and effectively.