Trust center

Security at DonorBeam

Security claims are tied to implemented controls. The current public environment is a test-mode sales demo, not an independently certified production service.

Tenant isolation

Organization-scoped relational constraints and database row-level security.

Payment ownership

Direct Stripe connected-account charges with signed, idempotent webhook reconciliation.

Identity

Invite-only enrollment, exact redirect allowlists, strong passwords, token rotation, and TOTP support.

Edge protection

HTTPS, HSTS, content security policy, frame protection, and Cloudflare edge controls.

Secrets

Provider secret stores and local Keychain references; no production secrets committed to source.

Auditability

Durable checkout lifecycle, immutable provider identifiers, ledger entries, and audit events.

Current assurance boundary

DonorBeam does not currently claim SOC 2 certification, independent penetration testing, or completed PCI attestation. Stripe-hosted Checkout is intended to minimize payment-card scope, but counsel and a qualified assessor must confirm the final production posture.

Report a vulnerability

Send a concise description and reproduction steps to security@donorbeam.com. Please avoid accessing or changing data that is not yours.