Your Data, Protected
We take security as seriously as you take your ministry. Enterprise-grade protection for every church, regardless of plan.
End-to-End HTTPS/TLS
All data transmitted between your device and our servers is encrypted using TLS 1.3. No data travels in plain text.
Argon2 Password Hashing
Passwords are hashed using Argon2, the winner of the Password Hashing Competition. Even we cannot see your password.
HTTP-Only Cookie Authentication
Authentication tokens are stored in HTTP-only cookies, not localStorage, so scripts running in the page cannot read them. This prevents XSS attacks from stealing sessions.
Role-Based Access Control
A 4-tier permission system (Admin, Group Leader, Minister, Member) ensures people access only what they should.
Multi-Tenant Data Isolation
Each church's data is completely isolated. Churches cannot see, access, or query another church's information.
Security Headers
HSTS, Content Security Policy, X-Frame-Options, and other security headers protect against common web attacks.
Automated Backups
Your data is automatically backed up with point-in-time recovery. No data loss, ever.
Rate Limiting
API rate limiting protects against abuse and brute-force attacks. Background job queues prevent resource exhaustion.
Infrastructure You Can Trust
Cloud Infrastructure
Deployed on globally distributed cloud infrastructure with automatic scaling, health monitoring, and zero-downtime rolling deployments.
Secure Database Storage
Enterprise-grade PostgreSQL database with automated backups, point-in-time recovery, and connection pooling for reliability.
Global File Storage
Secure object storage with global CDN distribution for fast, reliable file access from anywhere in the world.
Compliance & Privacy
GDPR
We respect EU data protection regulations. Users can request data export and deletion.
CCPA
California residents have full rights to access, delete, and opt out of data collection.
COPPA
Kids check-in data is handled with extra care. No data is collected from children under 13 without parental consent.