Trust center
Security at DonorBeam
Security claims are tied to implemented controls. The current public environment is a test-mode sales demo, not an independently certified production service.
Tenant isolation
Organization-scoped relational constraints and database row-level security.
Payment ownership
Direct Stripe connected-account charges with signed, idempotent webhook reconciliation.
Identity
Invite-only enrollment, exact redirect allowlists, strong passwords, token rotation, and TOTP support.
Edge protection
HTTPS, HSTS, content security policy, frame protection, and Cloudflare edge controls.
Secrets
Provider secret stores and local Keychain references; no production secrets committed to source.
Auditability
Durable checkout lifecycle, immutable provider identifiers, ledger entries, and audit events.
Current assurance boundary
DonorBeam does not currently claim SOC 2 certification, independent penetration testing, or completed PCI attestation. Stripe-hosted Checkout is intended to minimize payment-card scope, but counsel and a qualified assessor must confirm the final production posture.
Report a vulnerability
Send a concise description and reproduction steps to security@donorbeam.com. Please avoid accessing or changing data that is not yours.