Trust & security
A plain-English overview for L&D, IT, and procurement teams. Drop the link in your security review—we keep this page current.
Mighty is a Chrome extension. It augments the Articulate Rise editor; it does not replicate your courses anywhere. Course content stays in Articulate's cloud and is exported via Rise's standard SCORM, xAPI, or Articulate Review pipelines.
Account information (email, billing details via Stripe), and any Discover templates a user explicitly publishes to the public gallery. Studio-generated HTML/CSS/JS scaffolds become part of your Rise course content the moment you drop them into a block.
Authentication via OAuth + email/password (Argon2 hashing). All traffic over TLS 1.2+. Database encryption at rest. Least-privilege IAM. We segregate the marketing site's database role (the role serving this page) so it can only read the public Discover tables.
Mighty blocks export cleanly to SCORM 1.2, SCORM 2004, xAPI, and Articulate Review. We don't add any runtime dependency on Mighty's servers—your published course doesn't phone home after publish.
A Data Processing Addendum (DPA) is available to all customers on request. We retain logs for the minimum window needed for security and billing reconciliation. Education-sector customers receive an FERPA-compatible processing addendum.
Email security@maestrolearning.com. We acknowledge within one business day and triage to engineering immediately for any plausible vulnerability.
Install in Chrome, open your next Rise course, and ship the interactives you couldn’t before. No credit card. Cancel any time.