Security
Learn how Fundraise Up secures your organization’s fundraising data.
Fundraise Up takes security and compliance seriously and offers a number of features to ensure that all user data is kept safe. All data is encrypted using the latest industry standard encryption technology and all payment processing is PCI compliant.
Fundraise Up also follows strict anti-fraud measures to protect your fundraising campaigns from fraudulent activity.
In addition, Fundraise Up is compliant with GDPR and other data protection laws, ensuring that all user data is handled responsibly and securely.
Compliances
Fundraise Up is compliant with the following regulatory standards.
| Global | ISO27001, SOC 2 Type 2, PCI DSS Level 1 4.0, WCAG 2.1 AA |
|---|---|
| US and Canada | CCPA, CRA, PIPEDA |
| Europe | GDPR |
Personally identifiable information (PII)
Learn how Fundraise Up secures your organization’s fundraising data by reading the PII FAQ.
SSL requirements
Fundraise Up requires a valid SSL certificate to be installed on your web server, and your website must be served using HTTPS. If a valid SSL certificate cannot be detected, it will not be possible to process donations using our Checkout modal.
To request more information about Fundraise Up’s security practices and compliances, email our support team.
Single sign-on (SSO) and Two-factor authentication (2FA)
Fundraise Up enhances account security with options such as Single sign-on (SSO) and Two-factor authentication (2FA).
Fundraise Up's SSO is supported via SAML 2.0 for secure data exchange with your Identity Provider (IdP). For better security, SSO sessions last 12 hours and automatically log out after that. Verified domains are automatically checked every week. Learn more →
Fundraise Up provides 2FA through both SMS and authenticator apps. Learn more →