Security at Raisely
Our customers entrust Raisely with important personal information on their supporters and donors, and the various information they collect on those people. We take security and privacy seriously, factoring it into every decision we make. Below we've outlined the key measures we have in place to ensure private customer data stays private and secure.
Handling and storing data
We're committed to following technical best practices in the handling of customer data. All communications between Raisely and an end user, or with the Raisely API, are encrypted with TLS 1.2. We always upgrade insecure connections so data cannot be intercepted in transit.
Data is currently stored in the United States with Google Cloud. General information on how Google Cloud handles security is available here. Our databases are highly available, with point-in-time backups, and are secured with a combination of firewalls and passwords.
All data is encrypted at rest.
Our application servers also operate from the Google Cloud US Central region. They are configured to be highly available and protected by firewalls, and access to the servers is limited on a needs basis.
All of the internal code in Raisely is written with a security-first approach. We regularly audit Raisely's external dependencies, carefully limit the information third-party infrastructure providers receive, and use automated testing to ensure our endpoints respond to unauthenticated requests correctly.
In the rare case Raisely employees need to work on a copy of production data, often for debugging purposes, we automatically anonymise all known personal information.
We also anonymise personal information sent to logging software, error reporting and APM tools.
Accessing private information
Data in Raisely is classified as either public or private. In order to create fundraising websites, some information must be public. This includes:
- Donor first names¹
- Donation amounts
- Fundraising profiles and totals
- Fundraising profile names²
- Campaign information
- Custom fields set as "public" by a campaign admin
¹ Campaign administrators can configure their campaign to anonymise all donor names, effectively making donors to the campaign private
² Fundraising profile names may be anything the fundraiser chooses and so may not be their actual name
Other information is classified as private and is only viewable by campaign administrators or the owner of that information (for example, a donor). Private information includes:
- Email addresses
- Phone numbers
- Physical addresses
- Transaction information
- Regular donations
- Login tokens
- Custom fields set as "private" by a campaign admin
At any time, an individual can request their data be removed from Raisely.
Administrators can access all private information, and we recommend their accounts are secured with single-use passwords.
Raisely employees can also access private information in order to support campaigns. This access is provided on a needs basis and strict policies are followed to ensure private data stays private.
Raisely has a clear breach notification policy. All breaches are reported to relevant authorities when required by law, and always reported to customers.
In the event of a breach, Raisely will, to the best of our ability:
- Investigate the breach and resolve any security vulnerabilities identified
- Investigate the impact of the breach on customer data
- Notify relevant authorities where required under law, and notify affected customers with detailed information on the nature and cause of the breach
We will do the above within a reasonable timeframe.
Auditing access to information
Raisely records all access to information – both public and private. Our application automatically records every time a piece of information is accessed, updated or removed.
In the event of a breach within Raisely itself, or within a customer's account, Raisely is able to determine if any records were accessed in order to send the appropriate breach notifications to data subjects.
Audit logs include the user who accessed information, their IP address, user agent and the information that was accessed.
Internal information security policies
All Raisely employees follow internal information security policies designed to keep data secure, and reduce the risk of a breach or security incident.
These policies include:
- Regular audits of staff access to customer data
- Regular audits of activity on our hosting platforms and source control
- Regular reviews of all our service providers
- Encrypting all data stored on staff devices, and ensuring the physical security of staff devices when in shared spaces
- Ensuring proper password management and preventing unauthorised access to staff workspaces
- Enforced multi-factor authentication across critical infrastructure
- Regular security audits of our code, responding to risk levels based on the OWASP Risk Rating Methodology
Complying with PCI and privacy standards requires that we handle data securely. We should never, as an organisation, receive, transmit, process or store credit card details. Our compliance is made possible because card information is sent directly to Stripe for processing and storage. Iframe usage enables us to report under the SAQ-A.
Read more about Stripe's security