DonorPerfect Online Security

A donor safely donating online

User management and data security

A secure system you can trust

Image of a person logging in securely to DonorPerfect.

Ensuring data security

You work hard to build and manage donor relationships, and we honor that commitment by securing your data. DonorPerfect’s cloud-based fundraising platform provides high-level encryption and robust safety protocols.

With multi-factor authentication (MFA), DonorPerfect adds an extra layer of security. MFA requires a code sent to your email, along with your username and password, to log in. This two-step process helps safeguard your account from unauthorized access.

Give individuals access only to the data they need through user-based permissions and security filters while protecting donors’ sensitive information.

data security video thumbnail

Multi-site advanced security

Customize who sees records across your nonprofit’s locations.

WATCH NOW

Best practices in nonprofit data storage

There are steps you can take today to better protect your donor data from data breaches and potential bad actors. Here are a few tips from the DonorPerfect team to get you started:

Establish clear policies

Develop procedures for gift processing and handling donor data, and ensure they’re shared with all team members involved in donation interactions. Understand which data types are considered confidential, and regularly review relevant regulatory requirements such as FERPA or HIPAA.

Avoid storing sensitive information

Do not store banking or credit card details in your fundraising system. This includes images of checks with account and routing details and reply devices (forms used by donors to respond to solicitations) containing handwritten credit card numbers.

Achieve PCI compliance

Payment Card Industry Data Security Standards were designed to safeguard cardholder data. While DonorPerfect’s technology shields most aspects of credit card data storage, transmission, and processing, your nonprofit should also ensure compliance independently. Take advantage of our free nonprofit PCI compliance program.

Be cautious with all data

Handle all data in your system with care. Some nonprofits may be subject to FOIA (Freedom of Information Act) requests. Go ahead and put helpful details in your donor records, but avoid uploading anything you wouldn’t want to see published.

DonorPerfect’s independent attestation of security

SofterWare and DonorPerfect regularly engage highly reputable, external security assessment organizations to perform detailed reviews and penetration testing of our infrastructure, hosting, and software in order to provide the highest level of assurance that our applications are secure.

In March of 2024, PivotPoint Security, an independent security assessment organization with extensive experience in the nonprofit industry, performed an assessment and provided a letter of attestation. The test included an extremely detailed review of the DonorPerfect software and server infrastructure environment. Here is a copy of their attestation.

PivotPoint’s review determined that SofterWare’s systems were secured in a manner consistent with industry best practice, and notably better than those of peer organizations that they have tested.

The team responsible for conducting the security assessments was led by a Certified Information Security Auditor/IRCA ISO 27001 Auditor and included personnel appropriately qualified to render this opinion (e.g., Certified Information System Security Professionals, Microsoft Certified System Engineers, Certified Ethical Hackers, etc.)

The clean data checklist for nonprofits document mockup

Lean on our team to keep your data clean

We’re here to help you maintain safe and healthy data from implementation forward. DonorPerfect experts are ready to assist with your record-keeping, filtering, and reporting needs through individual and group training sessions, on-demand webinars, live chat, and more. 

Get started today with our free resource, the Clean Data Checklist!

Keep your data secure with DonorPerfect

Build trust: Safeguard your donor data

  • Process donations with our PCI-compliant payment gateway
  • Maintain data safety as your nonprofit grows with our scalable systems
  • Benefit from fully encrypted data through our TLS 1.2 protocol
  • Receive GDPR guideline assistance from the DonorPerfect team
  • Protect user accounts with our two-step MFA login process

Customize access: Set user preferences and permissions

  • Customize user privileges for groups or individuals
  • Use security filters to limit access to sensitive data
  • Ensure secure login and password recovery procedures
  • Specify which computers and networks can access your organization’s data through defined IP addresses

Rest easy: Back up and recover data as needed

  • Create user backups to restore to previous system states
  • Preserve 30 days of restore points through automatic nightly server backups
  • Back up your system with local files as part of our data assurance plan

The perfect companion for all your donor relations needs. I brought DonorPerfect to my organization because it is user-friendly and has all the tools I need for both our finance office and donor relations.”

– Ellen V., Chief Development Officer

toronto skyline

Located in Canada? 

AWS Canada physically hosts all Canadian DonorPerfect customers’ data in Quebec, with access facilitated from Toronto and Vancouver.

For an in-depth look at how your nonprofit can assess your cybersecurity, visit the National Council of Nonprofits’ comprehensive resources page.

Protect your data with DonorPerfect today