Encryption, secure authentication, and trusted infrastructure. We take the protection of your congregation's information seriously.
Built on trusted infrastructure with industry-standard security practices to protect your data.
Hosted on Supabase with encryption and redundancy
All data encrypted in transit
Data export, deletion, and access request tools
Payment data handled by Stripe (PCI Level 1)
Multiple layers of protection keep your data secure at all times.
All data is encrypted in transit using SSL/TLS. Data at rest is stored in encrypted databases managed by our infrastructure provider (Supabase).
Granular permissions ensure that team members only see what they need to. Control access at the user, role, and resource level.
Your data is automatically backed up with multi-day retention by our infrastructure provider. Data is stored with geographic redundancy.
Built on trusted cloud infrastructure with monitoring and redundant systems to keep your church data accessible.
Passwordless authentication via secure magic links eliminates the risk of weak or reused passwords. CSRF protection on all authenticated routes.
All payment data is handled by Stripe, a PCI DSS Level 1 certified payment processor. GraceBase never stores credit card numbers.
Access our security documentation, compliance reports, and privacy policies.
For security inquiries or to report a vulnerability:
security@gracebase.coCommon questions about how we protect your church's data.