Motivosity is Certified, Compliant, and Secure

Understand how Motivosity takes your privacy seriously.

At Motivosity our policies, processes and systems are designed to create a wonderful user experience, while protecting their information.

Logos for G2 Crowd, Capterra, Comparably, and Google
Logo for G2 Crowd
Logo for Capterra
Logo for Comparably
Logo for Google
Illustration of Carl the Yei holding a sword and shield iwth a SOC compliance badge representing how Motivosity takes security seriously.

Trusted by global, leading brands.

Health Equity Logo
Toyota Logo
Altabank Logo
First Entertainment Credit Union Logo
Chick-fil-a Logo
Dentsu Logo
A&W Logo
Deseret First Credit Union Logo
Bosch Logo
LazyBoy Logo
Red Canoe Credit Union Logo
KPMG Logo
Western Governors University Logo
Great Clips Logo
Cotopaxi Logo
Fuji Film Logo
Hancock Health Logo
Sales Rabbit Logo
Smoothie King Logo
Software One Logo
University of Michigan Logo
Zions Bank Logo
Bosch Logo
Western Governors University Logo
Great Clips Logo
Health Equity Logo
Toyota Logo
Altabank Logo
First Entertainment Credit Union Logo
Chick-fil-a Logo
Dentsu Logo
Woman sitting on a couch holding a tablet.

What data does MV protect? Data collection:

The only data collected by Motivosity is nonsensitive, publicly available personally identifiable information (“PII”) of our users.

  • Name (required: first and last, optional: preferred name)
  • Work email (purpose: primary identifier of a user account, used for login)
  • (optional) Day and month of birthday - NOT year (purpose: for elected birthday reminders/shoutouts)
  • (optional) Mailing address & phone number (purpose: ThanksMatters card, award delivery)
Screenshot of the Motivosity survey creation modal.

Data Handling:

No application data is public. Information can only be accessed by authorized users. Each user belongs to a company. No information from one company can be accessed by a user from another company.

We do NOT store, transfer, or sell any data related to the following categories:

  • Sensitive PII (e.g. driver’s license, Social Security number, full legal name, bank account number(s), passport, birth certificate, etc.).
  • PCI (i.e. payment cards; all credit card payments paid to Motivosity go directly through Stripe, our payment processing partner. Details about their security posture and PCI compliance can be found at Stripe’s Security page.)
  • HIPAA (i.e. health and medical information)
  • FedRAMP (i.e. government data)
  • SOX (i.e. financial reporting & integrity)

How Does MV protect your data?

Here is how your data is processed and stored within the Motivosity platform to assure it is protected and immutable.

Firewall

AWS Web Application Firewall (WAF) in front of Cloudfront distributions.

Load Balancer

AWS autoscaling and provisioning. Multi-region redundancy and recovery.

Application

Containerized applications deployed using AWS Codepipeline for Continuous Delivery to AWS Elastic Beanstalk (EBS)

Database

AWS Relational Database Service (RDS). Encrypted at rest with redundancy and scaling built in.

Motivosity conducts a load test simulating a load of five times the current max traffic load of the system. This simulation is based on the typical user interaction with the platform, the typical company size, and the typical session duration.

Motivosity makes a daily backup of the data. These backup snapshots are stored for three days.

The data recovery process happens in an automated way every day as the staging environment self-rebuilds from the previous day’s backup snapshot. Actual production recovery would follow a similar process and data loss would be limited to a maximum of 24 hours.

AWS Infrastructure and admin console access is restricted by role and group based credentials based on least privileged and MFA authentication protections.

Execute with Confidence

Frequently Asked Questions

  • Is your data encrypted?

    Yes! All information in Motivosity is encrypted in transit using TLS 1.2 and also encrypted at rest by default within AWS RDS using AES-256 encryption.

  • What is the security for user authentication?

  • What is Motivosity’s monitoring and alerting solution?

  • Does Motivosity test and validate security controls?

  • Where is my data stored?

  • What are the data retention and backup policies?

  • Does Motivosity have a Disaster Recovery plan?

  • How does Motivosity support technical issues?