Trust and security

The most secure choice you can make 

Rely on Benevity for Goodness solutions that meet the highest security standards — 24/7/365 
Request a demo
Levi's logo
Merck Logo
Cisco company logo
Prudential logo
Visa logo
UPS logo
GE Appliances logo
ADP logo

Compliance

A pair of hands holds up a small globe against a blurred cityscape backdrop at sunset, with colorful lights and a soft, pastel sky in the background.
We undergo regular independent verification of our security, privacy and compliance programs — so you have peace of mind. 

Security

We partner with industry leaders, integrate the latest safeguards and continuously assess threats — so your data and donations are safe with us.

Privacy

2 employees in a taxing and invoice action in front of a computer
Privacy is a fundamental right and its requirements vary around the world. We comply with the strictest protocols — so you know (and control) how your information is used.

Vetting & validation

We validate and monitor the legitimacy of each of the over two million nonprofits on our platform — so you can be confident that your funds are going to organizations in good standing.

Compliance

Benevity leads the way in compliance — it’s a key reason why companies with the strictest security standards choose us. We maintain the most comprehensive set of industry-recognized certifications and attestations to ensure your data remains secure.
Request a demo
AICA SOC

SOC 2 and SOC 1 Reports

Benevity undergoes annual independent evaluations on the effectiveness of our internal controls against the globally recognized System and Organization Controls (SOC) requirements, based on the Auditing Standards Board of the American Institute of Chartered Professional Accountants.

These SOC reports provide assurance to our clients that our control descriptions are accurate, suitably designed and operating effectively. Benevity currently issues SOC 1 Type II and SOC 2 Type II reports.
Star Level One

CSA STAR Level 1

The Cloud Security Alliance (CSA) is a nonprofit organization dedicated to promoting best practices for security and privacy controls for cloud computing offerings.

The CSA’s Security, Trust, Assurance and Risk Registry (CSA STAR) helps organizations assess cloud service providers.
PCI DSS Compliant

PCI Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is the global payments industry security standard. The Payment Card Industry Security Standards Council, which created the PCI DSS, develops resources for safe payments worldwide. Benevity partners with PayPal and BlueSnap, certified PCI DSS payment providers, to protect cardholder data.

Benevity does not collect, store or process any cardholder data. Cardholder data is collected directly by our PCI DSS certified partners who specialize in payment processing services. To ensure we meet our obligations, Benevity completes an annual PCI SAQ-A for payment processing security.
Certified B Corp

Certified B Corporation

B Corp certification verifies Benevity’s commitment to meeting high standards for performance, accountability and transparency on factors from employee benefits and charitable giving to supply chain practices and input materials.

Unlike traditional corporations, Certified B Corporations are legally required to consider the impact of their decisions on their employees, suppliers, community, consumers and environment.  For more information, click here. 

Our security commitment

We ensure that your data is secure across all Benevity products and services.

Our product

Our security-by-design approach to product development means we build through the lens of security. We integrate with your identity providers for SSO to make your giving experience simple and seamless.

Our people

Security and privacy is embedded into our culture. Our people take regular training to protect themselves, our clients and our business and are made aware of the latest security risks and threats.  

Our partners

Threats to cybersecurity are always evolving. Our security teams work with globally recognized partners to ensure our platform adopts the latest protections and is continuously scanned for threats and vulnerabilities.

A person holding a smartphone showing a confirmation screen while logging in to a laptop, with a coffee cup and office desk in the background.
A digital world map with continents outlined in white over a blue background filled with binary code, symbolizing global digital connectivity and data exchange.

Our privacy commitment

We ensure that every user’s privacy rights are respected, wherever they are in the world.

Global regulations

With a global client base, Benevity’s privacy program is designed to meet the world’s strictest regulatory requirements. The EU’s General Data Protection Regulation (GDPR) is considered the world’s leading regulatory framework, setting the standard for all other jurisdictions. Benevity regularly monitors and updates our privacy program to ensure alignment with the changing regulatory landscape, recent EU decisions such as the invalidation of the EU-U.S. Privacy Shield and the U.K.’s exit from the EU.

Global safeguards

Recent EU decisions like Schrems II have highlighted the necessity of employing additional safeguards to secure data during cross-border transfers. Benevity uses industry-leading encryption methods to protect data both in transit and at rest.

Benevity’s commitments are detailed below. 

  • Our Privacy Notice outlines our commitment to our user’s data privacy rights.
  • Our Data Processing Addendum defines our standard commitments to our clients and includes the EU’s Standard Contractual Clauses and our up-to-date list of sub-processors.

Our reliability commitment

To ensure our products are highly available and scalable, we partner with the world leader in cloud infrastructure hosting, AWS. 

Availability

The call for Goodness can come at any time, and your program should be ready to respond — 99.5% uptime is our promise to you.  

Rapid scalability

Developed using AWS’s Elastic Cloud Computing, our products scale rapidly when demand increases and certain thresholds are hit.

Resiliency, continuity and recovery

When the unexpected happens, we’re ready. We have the people in place and the alternate infrastructure on standby.

Two people stand at a desk with a laptop, tablet, and papers. One person holds a tablet while the others point at documents, suggesting a collaborative work or discussion environment.
A graphic shows three logos connected—Bureau van Dijk, a central blue logo, and TechSoup—above a world map with dotted lines linking various countries to these organizations.

Our global vetting commitment

We ensure that every nonprofit on our platform is legitimate and in good standing.

Global reach

Maintaining the largest database of nonprofits in the world (over two million!) means that we employ highly sophisticated vetting processes so you can give with confidence.

Vetting and validation partners

Our partnerships with TechSoup and Moody's help us to monitor nonprofit legitimacy and ensure they meet their local jurisdiction’s regulatory requirements.  

All nonprofits are vetted before onboarding and periodically reviewed to determine they are operating in accordance with Benevity's Terms of Use and Platform Eligibility Guidelines.

Transaction monitoring

Benevity has dedicated teams monitoring for fraud, with automated detection and prevention measures in place to ensure the integrity of your giving program.  

Learn more about our security and vetting processes and our commitment to nonprofit organizations here.

Trust and security FAQs

Check out our FAQs to learn more about  security and privacy at Benevity.

Still have questions?

We’re here to help—get in touch and let us know what’s on your mind.
Contact Us
What security and privacy measures does Benevity have in place to secure my data? 
How does Benevity comply with GDPR, including the recent Schrems II decision? 
Who can I contact with security or privacy questions? 
How are nonprofits vetted?
How do I flag a nonprofit in the Benevity portal for breach of terms of use?

Commit to meaningful
change today

Let's explore how we can help you achieve your company's purpose-driven goals and build a culture of impact, together.
Request a demo
Group of people cleaning up a beach
Group of friends posing for a photo
Woman holding on her arms a kid with a red airplane
Volunteering cleaning up a park
2 women with a dog