We take security of donors’ data and the whole Big Give platform very seriously.
We use several strategies to keep data and people safe. These include:
-
- Minimising data we store, with detail of what is kept for donors provided in our Privacy Policy.
-
- Ensuring apps use encryption in transit. For donation pages, we only support browsers that use modern ciphers to ensure that encryption’s safe.
-
- Encrypting personal data that we store in our own systems at rest.
-
- Regularly backing up all critical data.
-
- Following best practices for data stored in Salesforce, which also has its own security measures and assurances.
-
- Never storing full card details ourselves. This data is stored only with Stripe, who are PCI Service Provider Level 1 certified.
-
- Patching all software and services under our control regularly, with strategies including automated scanning and external audits used with the aim of ensuring all custom code is safe.
-
- Following the principle of least privilege: limiting personal data access to reduce risks from any individual security compromise.
-
- Limiting code’s access to data and networked services as far as possible, to similarly limit the risk from any compromise.
-
- Protecting all cardholders from fraud, through additional measures that we can’t detail publicly in order to maintain their efficacy.
The Big Give Trust Ltd is based in the UK and complies with the Data Protection Act and General Data Protection Regulation. If a breach of personal data occurs, we will report it to the Information Commissioner’s Office.
As noted in our Terms & Conditions, you are responsible for the strength of passwords that protect your personal data. We try to help you avoid using compromised passwords if registering as a donor but do not do ongoing checks – ideally you should use unique passwords for each site and change any passwords you suspect to be involved in a compromise elsewhere on the web.
If you believe you have identified a security weakness in our systems, please contact us and we will investigate this as our highest priority.