Pivot Interactives is not currently SOC2 compliant, as SOC2 is a standard that is more appropriate for Enterprise-Scale businesses. That said, we have implemented many of the principles of the SOC2 standard, including two-factor authentication, encryption, disaster recovery, etc.
Many of the remaining SOC2 criteria have to do with the security of the physical servers or the interface with those physical servers. We don't have our own servers but instead use cloud servers provided by AWS, Heroku, and MongoDB, which are all SOC2 compliant.
For more information about the steps we take to secure your data, please visit our HECVAC (Higher Education Community Vendor Assessment Toolkit) form, or contact privacy@discoveryed.com.