Keep Your Donor Data Secure

At Classy, security and transparency come first. Our top priority is protecting your organization, supporters, and data. We use industry proven measures to provide a safe and trusted fundraising platform so you can focus on fulfilling your mission.

Technologies and Compliance Certifications

Logo for the Amazon Web Services cloud platform
Logo for the PCI Security Standards Council certifying PCI Level 1 compliance
Logo for Rapid7, a security analytics and automation tool
Logo for Veracode, a software application security tool

Secure Cloud

Classy uses a secure cloud architecture and multiple security measures to protect sensitive data.

  • AWS Virtual Private Cloud
  • PCI Level 1 Certification
  • 24x7x365 Security Scanning and Threat Monitoring
  • Network Level Vulnerability Scanning
  • Annual Penetration Testing
  • WAF and DDOS Protection

Secure Computing

We build security into the foundation of all our products and services to ensure our platform is secure by design.

  • AWS Security Groups for Port & IP Address Restrictions
  • Load Balancer Based Compute Isolations
  • API Access Keys
  • Role-based Access Control
  • Secure Logging
  • Source-code Vulnerability Monitoring
  • OWASP Secure Coding Principles

Secure Data Management

We use strong encryption and strict access requirements, so you can be sure your data is available and secure.

  • User Credentials Encrypted w/ AES 256-bit Encryption
  • TLS v1.2 Protocol Requirement
  • 24x7x365 Security Scanning and Threat Monitoring
  • Network Level Vulnerability Scanning
  • Annual Penetration Testing
  • WAF and DDOS Protection