Trust Center
Enterprise evaluations move faster when the hard questions are already answered. BetterUp’s Trust Center covers the three areas procurement and governance teams care most about — security, data privacy controls, and our responsible AI framework — and connects directly to our Trust Portal for immediate access to audit reports, certifications, pen tests, and policies.
Trusted by
top enterprises
Trusted by
top enterprises
Built for safe, responsible development.
Grounded in coaching ethics
Our platform is built on professional coaching standards that prioritize member well-being and development.
Confidential by design
Privacy and confidentiality are embedded in every layer of the platform architecture and experience.
Built for quality and safety
BetterUp data is encrypted in transit and at rest using industry-standard methods, including TLS and AES-256.
AI governance you can trust
BetterUp’s AI-powered products are certified compliant with ISO 42001, demonstrating our commitment to keeping our AI features safe, secure, and trustworthy. Read more about our ISO 42001 certification.
Three pillars of protection
Responsible AI
AI-powered features like our AI Coach are built with clear boundaries, human oversight, and ISO 42001-certified compliant governance, all designed to support quality and preserve trust.
Read more about Responsible AI
Security
Enterprise-grade protection is built into the platform. BetterUp combines rigorous controls, strong encryption, independent testing, and continuous risk management to help protect customer and member data.
Privacy
Designed to protect personal data and human transformation experiences. We apply privacy controls at every layer, and safeguard the confidentiality of coaching interactions across the platform.
AI built for growth and governed for trust
BetterUp’s AI-powered features are purpose-built for human transformation and grounded in behavioral science and that distinction shapes how we govern it. Our AI features operate within coaching-specific boundaries; get tested continuously against bias, fairness, ethics, and accuracy criteria; and are overseen by a dedicated safety and ethics program and BetterUp’s own AI Safety Council.
AI built for developing people, not evaluating them
BetterUp’s AI-powered features are built for one purpose: helping individuals grow. They don’t assess employees for hiring or performance management, make decisions that affect someone's employment, or report individual coaching content or inferences back to their employer. That’s a responsible product choice that pre-dated AI regulations, and it’s what keeps our AI out of the categories that regulators in the US and EU have identified as highest risk. Your employees get a genuine development tool without giving your legal team another compliance concern.
Effectiveness proven by a controlled study, not asserted by marketing
Most AI vendors tell you their product works. We ran a randomized controlled trial to demonstrate it. BetterUp Labs conducted a four-week study with full-time workers, randomly assigned to BetterUp AI Coaching, a major LLM provider, or a control group. BetterUp AI Coaching produced statistically significant gains in productivity and AI readiness compared to the major LLM provider, with the strongest effects among participants who were least AI-oriented at the start.
Security built in, not layered in.
Protecting coaching data isn't just a feature — it's a precondition for the platform working at all. We invest in security at every layer: the architecture, the development process, the controls on who can access what, and the independent parties we bring in to find what we've missed. The audits behind our certifications exist to verify one thing: that what we say we do is what we actually do.
Executive and board oversight
BetterUp has an active Information Security Committee ISC in place. The executive leadership and the BetterUp board is given periodic updates on the overall security threats, hygiene, and maturity of the Information Security Program.
Scrutiny-tested certifications
SOC 2 Type II and ISO 27001 aren't point-in-time claims — they require ongoing independent audits that validate our controls are actually working, year over year. Our current certifications and reports are available through the Trust Portal at trust.betterup.com.
Independently audited
We hire independent third parties to attempt to break into our platform and use what they find to make it stronger. External penetration tests cover applications, services, and infrastructure, with all vulnerabilities tracked through remediation. A summary is available under NDA.
Robust shared security model
BetterUp runs on AWS US and EU regions using a multi-availability zone model, managed through Heroku's private-space PaaS — which includes a built-in Web Application Firewall. Both AWS and Heroku hold SOC 2 Type II and ISO 27001 certifications.
Privacy that respects everyone.
Coaching only works when people feel safe to share candidly. Privacy at BetterUp is an architectural decision, made at the design stage and carried through every product update since. Members engage knowing their sessions are theirs. Organizations get the authentic insights that only come from people who aren't holding back.
Confidential by design, valuable by result
When members know their one-on-one and AI Coach sessions are private — not visible to employers or managers — they engage more openly. That quality is what makes coaching transformational. It’s also what makes your anonymized, aggregated organizational data meaningful: you're measuring a closer snapshot of your organization’s sentiment.
Customer data is not used in model training
Your members' coaching conversations are never used to train third party AI models. We back that up contractually: every AI vendor we work with is explicitly prohibited from using coaching session data for model training or any purpose outside of direct service delivery.
Your data, your region
We give organizations a choice of where their data lives — US or EU hosting — so you can meet your regulatory requirements and internal data governance preferences without workarounds. Choose the region that works for your organization; we'll handle the rest.
We carry the compliance weight
Most enterprise vendors pass privacy obligations back to the customer. BetterUp doesn't. We manage consent, handle deletion and access requests, maintain audit logs, and absorb the regulatory obligations that come with handling coaching data, so your legal, HR, and governance teams get a platform that's already done the compliance work.
Trust and security
No. BetterUp does not use customer data to train LLMs.
BetterUp publicly references SOC 2 Type II, ISO 27001 and ISO 42001, along with privacy-related commitments including GDPR and CCPA.
BetterUp uses TLS for data in transit, AES-256 for data at rest, access controls based on least privilege, monitoring, and vulnerability management.
Individual user interactions are confidential and aggregated, anonymized insights are shared only when thresholds are met.
The BetterUp Trust Portal provides access to reports and supporting diligence materials.