At Skillsetter, we believe that trust is built through consistent investment in what matters most to our customers, security, reliability, and the responsible handling of data. As our platform grows and supports more organizations, we’ve made a deliberate commitment to strengthen the systems, processes, and controls that protect the information our customers entrust to us.

That commitment is what led Skillsetter to formally invest in and begin our SOC 2 compliance journey.

We’re proud to share that Skillsetter has achieved SOC 2 Type II compliance, in accordance with the American Institute of Certified Public Accountants (AICPA) standards for Service Organizations (SSAE 18). This independent assessment validates that our information security controls are not only thoughtfully designed, but consistently operating over time.

With the proliferation of AI technologies that are so commonly criticized for indiscriminately scrapping proprietary data, we wanted to put our customers' anxiety to rest. We have subjected ourselves to an independent, internationally recognized audit so we can say with sincerity and honesty that your data is safe with us.

Stephan Wiedner, Co-founder, Skillsetter

Security and Privacy by Design

Security and data protection are embedded into Skillsetter’s operations and product lifecycle. We take a proactive approach to risk management by integrating security and privacy considerations into how we design, build, and maintain our platform.

Our teams receive ongoing training and guidance to ensure they understand their role in safeguarding customer information, and we regularly review our processes to align with evolving security best practices. This helps ensure that data protection is considered by default, not added later.

Transparency and Accountability

As part of our commitment to transparency, Skillsetter can provide SOC 2 documentation, including our current SOC 2 Type II report under a non-disclosure agreement, as well as a bridge letter when applicable.

SOC 2 compliance is just one step in Skillsetter’s long-term commitment to earning and maintaining customer trust. We will continue investing in our security posture, refining our controls, and aligning with globally recognized standards so our customers can focus on what they do best, with confidence in how their data is protected.

Built on a Foundation of Security and Compliance

Skillsetter’s SOC 2 Type II achievement builds on a security-first foundation that has guided our platform from the beginning. Long before entering our SOC 2 compliance journey, we designed Skillsetter to meet the stringent requirements of regulated industries and educational environments where data protection is non-negotiable.

Skillsetter is HIPAA compliant, supporting organizations that handle sensitive health-related information with appropriate safeguards, administrative controls, and technical protections in place. We are also FERPA compliant, ensuring that student education records are handled responsibly and in accordance with federal privacy regulations.

To support seamless and secure integration within existing learning ecosystems, Skillsetter integrates with Learning Management Systems (LMS) using the industry-standard Learning Tools Interoperability (LTI) protocol. This allows organizations to deploy Skillsetter without introducing unnecessary risk or complexity into their technology stack.

Accessibility is another core pillar of our platform. We continually test Skillsetter’s product, content, and features to support WCAG 2.2 Level AA compliance, helping ensure that learning experiences are inclusive and accessible to all users.

Together, these commitments reflect Skillsetter’s broader philosophy: security, privacy, and accessibility are not checkboxes—they are foundational to how we build, operate, and evolve our platform. Visit Skillsetter's Trust Center for more information on how we approach information security and data protection.