Givzey | Version2.ai is SOC 2 Compliant

We're proud to announce that Givzey | Version2.ai is SOC 2 compliant, reinforcing our commitment to protecting your data and maintaining the highest security standards.

At Givzey | Version2.ai, we must balance two often competing interests: continuing to grow and develop for our partners in a cutting-edge, rapidly changing technology space while remaining excellent and conservative stewards of the highly sensitive data and workflows our partners entrust to us.

Our partners trust us with some of their most important data, their donors' data, and their reputations. Because of that, security has always been the top priority for our product and engineering teams. As part of our commitment to security, we're proud to announce that we recently obtained our SOC 2 attestation report.

What is SOC 2?

SOC stands for "System and Organization Controls", and is a framework governed by the American Institute of Certified Public Accountants (AICPA).

For SOC 2, AICPA has defined five Trust Services Criteria (TSC) that service organizations can choose to meet: Security, Availability, Processing Integrity, Confidentiality, and Privacy. All SOC 2 reports must cover Security. In addition to Security, service organizations can choose to add additional criteria to their report based on what's most relevant to their business.

Once the TSCs have been chosen, the service provider must define controls to ensure that those criteria are met. For instance, to meet the Security criterion, a service provider might define a control that requires access to all sensitive internal systems to be protected by multi-factor authentication.

In preparing a SOC 2 report, a third-party CPA firm evaluates two main questions. First, are the controls adequate and appropriately designed to address the selected TSCs? And second, are the controls actually operating effectively in the day-to-day practices of the service organization?

Why and How We Got Our SOC 2 Attestation

At Givzey | Version2.ai, we chose to get a SOC 2 report for two reasons.

First, we wanted to hold ourselves accountable to a rigorous framework to help ensure that we keep the data of our partners and their donors safe.

Second, we wanted a streamlined, standardized way to communicate our security practices to our customers.

We worked with Vanta to help define our controls and ensure they were operating effectively, and partnered with Advantage Partners, who tested and acknowledges Givzey | Version2.ai effectively complies with security controls we have in place.

What This Means for Our Partners

Our SOC 2 compliance means that your organization can:

• Trust that your data and your donor's data is handled according to industry-standard security protocols

• Simplify your vendor assessment process with standardized security documentation

• Confidently expand your use of our AI-powered fundraising tools knowing they meet rigorous security standards

• Demonstrate to your own stakeholders that you're working with security-conscious technology partners

Our Security Commitment in Action

As the leading fundraising technology company solving our industry's most important challenges at the very bleeding edge of innovation, Givzey | Version2.ai's rigorous commitment to data security includes:

• Comprehensive Security Monitoring - Regular vulnerability scans across our systems and networks, complemented by penetration tests of our production environment to proactively identify and address potential vulnerabilities

• Incident Response Preparedness - Established operational procedures for managing security incidents and breaches, including prompt notification protocols to keep partners informed

• End-to-End Encryption - Implementation of robust encryption technologies to protect customer data both at rest and in transit, ensuring sensitive information remains secure

• Data Lifecycle Management - Structured data retention and disposal policies that balance regulatory compliance with minimizing unnecessary data exposure

• System Reliability - Commitment to high uptime availability for all product systems, ensuring your fundraising operations continue without interruption

Continuous Security Improvement

While SOC 2 compliance represents an important milestone in our security journey, we view it as a foundation rather than a destination. Our security team continues to evaluate emerging threats and evolve our practices to stay ahead of potential risks.

We invite you to view our trust center for comprehensive documentation of our SOC 2 and other data security compliances in full transparency, so you can always ensure that Givzey | Version2.ai puts data security at the top of our priorities.

Schedule a demo  today to see how Givzey can help your organization streamline digital pledge agreements, accelerate gift closure, and create exceptional donor experiences that drive results.