Trust Center

We undergo an annual SOC 2 (System and Organization Controls 2) audit, also known as a Service Organization Control 2 audit, regulated by the American Institute of Certified Public Accountants (AICPA). This audit is conducted to ensure that our services meet stringent standards for security, availability, and confidentiality. You can request a copy of our SOC 2 report here. While we do not currently offer a SOC 1 report, we fulfill our financial audit obligations through an independent auditor.

GivingData adheres to modern privacy standards that align with major U.S. and international regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant frameworks. These standards ensure that we handle personal data with the utmost care, meeting rigorous requirements for data protection, transparency, and user rights. For more information, please refer to our Privacy Policy.

Yes, GivingData has a robust Incident Management Process and Data Breach Response Plan, which are regularly tested. We utilize advanced tools to promptly detect and respond to potential threats, minimizing the risk of incidents.

All employees are required to undergo mandatory security training, which covers critical topics such as phishing awareness, data protection, and insights into the latest threats along with strategies to prevent them.

Client data is securely hosted in the cloud, with backups and replication stored in a separate region from the primary data center to ensure added redundancy and protection.

All client data is secured using advanced encryption protocols, both at rest and in transit. We implement role-based access controls (RBAC) to ensure that only authorized personnel can access sensitive client databases. In addition, we perform regular backups and provide point-in-time restore (PITR) capabilities to ensure the recovery of any lost information.