April 22, 2025
The Trust Center provides transparent access to Pantheon’s security controls, security policies, compliance certifications, and data privacy practices. These updates are part of our ongoing commitment to transparency and making it easier to access the information you need.
What’s included?
Publicly accessible information:
- Technical, security, and privacy FAQs.
- Descriptions of key security controls, covering areas like availability, change management, control environment, information and communication, logical access, system operations, risk assessment, and risk management.
- Table of contents for major security policies, including Access Control, Backups, Business Continuity Plan, Third Party Risk Management, and Overall Information Security.
- Voluntary Product Accessibility Template (VPAT) report.
- U.S. and U.K. Privacy Policies.
- Full list of Pantheon sub-processors.
Confidential documentation (available upon NDA completion):
- SOC 2 Type 2 report.
- TX-RAMP Level 1 certificate.
- Higher Education Community Vendor Assessment Toolkit (HECVAT) with responses.
- Full versions of key security and privacy policies.
- Most recent platform and network penetration testing results.
- Pantheon architecture diagram.
For more details, see the Trust Center.