We care about your security

Security and privacy best practices are embedded in our design and development processes, resulting in solutions that seamlessly integrate security controls required by data privacy laws with our user-friendly and flexible social impact tools.


Deed network security

To validate the effectiveness of our information security program, Deed continuously monitors and assesses our security programs, including through:

  • SOC 2 Type 2 certified

  • Routine vulnerability scanning

  • Continuous application monitoring and routine audit log analysis

  • Routine testing of and updates to our business continuity and recovery plans

  • Least privilege access controls

  • Quarterly risk assessment reviews to evaluate the effectiveness of our practices


All data found on Deed is fully encrypted, both in-transit and at rest, using industry best practices and standards. Deed also maintains strict organizational requirements for the use of cryptographic controls, in order to protect the confidentiality, integrity, and authenticity of customer information.

Data privacy

Deed’s technology is architected and implemented to ensure that your company’s information is only accessible by authorized individuals, utilizing features such as role-based user permissions, SSO and HRIS integration, and standard user password requirements.

Our goal is to provide a safe, secure and meaningful social impact tool, and our team is fully prepared to meet your company’s data privacy needs.


We collaborate with privacy and security professionals and our vendors to ensure our platform can meet your data protection needs:

  • California Consumer Privacy Act (CCPA)
    Deed’s security program and practices are designed to be CCPA compliant.

  • European Union’s General Data Protection Regulation (GDPR)
    Deed’s Data Processing Agreements comply with all applicable GDPR requirements.

We also integrate industry best standards by monitoring relevant security frameworks and pursuing applicable security certifications, with our information security program focused on compliance with the SOC 2 framework. For more information, visit our Trust Center.

If you are security engineer who is evaluating Deed and you need documents or if you're a security researcher who wants to report possible vulnerabilities, visit our security page here.