Security of your data and organization guaranteed
Web Security for non-profit organizations
Non-profit organizations process an enormous amount of sensitive personal data, such as donor and donation data, credit card numbers, and bank details.
All this data must be protected.
As a software-as-a-service platform, we are 100% GDPR-compliant and guarantee your data security across three levels: by the cloud, by the product, and by how we work as a company.
The FundraisingBox runs in a high-security cloud environment, utilizing state-of-the-art technology to secure our servers.
- Regular penetration testing
- Regular vulnerability scanning
- Fail-safe firewalls
- Redundant set-up of all hardware
- Immediate allocation of additional capacity when traffic increases
- PCI certification
- SOC3 certification
- ISO 27001 certification
Maximum product safety
We design our product with maximum safety in mind.
- PCI certification included
- Payment sandbox: Decoupled payment flows of your systems in our payment sandbox
- State-of-the-art technologies and standard banking procedures for data encryption
- Compliance with HSTS through SSL and TLS protocols
- Individual assignment of team rights at the click of a button to assign specific roles such as fundraiser, agency, or accounting
Payment sandbox: Decoupled payment flows of your systems in our payment sandbox
You can create a dedicated high-security area within your website using our sandbox technology, allowing you to process personal and payment data on your website without your servers or content management system (CMS) coming into contact with this data.
Security by us
Our employees receive comprehensive security training regularly and are committed to upholding data confidentiality. We rely on strict password guidelines, consistent two-factor authentication, and logging all relevant transactions. All pertinent company processes are documented in writing. Furthermore, we appointed an in-house Information Security Officer (ISO) and an external Data Protection Officer who regularly audits our company.
We work safely for you
We guarantee total data protection and legally compliant data storage.
- Personal data is processed in compliance with the GDPR and solely for the purpose of fulfilling the contract.
- DPA: You enter into a corresponding data processing agreement (DPA) with us. We will gladly provide you with a DPA.
- The company is located in Germany.
- Periodic security audits by internal and external data protection officers
- Continual staff training, strict password guidelines, and consistent two-factor authentication
- Encrypted offsite backups of all your data are created daily and stored securely at several server locations.