We know how important it is to keep your data safe, secure and reliable. We take this responsibility seriously, and have many safeguards in place to ensure that DonorDo remains a trusted partner in your organisational processes.
All DonorDo accounts use 256-bit SSL-encrypted connections. Thus, all information communicated between your browser and DonorDo are protected from third parties and eavesdroppers. This is the same level of security used by online banks.
DonorDo uses Amazon Web Services (AWS) for hosting. Their high-performance, state-of-the-art data centers are protected with keycard protocols, biometric scanning protocols, and around-the-clock surveillance. They also have redundant power feeds and generators, robust fire suppression, and carefully monitored climate control to protect the servers that store your data and manage your billing.
DonorDo maintains a 99.9% uptime on average. We use redundant storage and servers to keep the application and your data available in the case of hardware failure. Our servers have redundant power supplies, and critical application components are deployed in redundant pairs.
We have multiple backup systems in place to protect your data. We take daily backups and securely store them in multiple geographic locations to ensure that your information will be safe and your records can be quickly restored even in a case of emergency. We retain this backup data for 180 days.
Responsible Disclosure of Security Vulnerabilities
If you are a security researcher and think you’ve found a security vulnerability with our service, product, or website, we appreciate your help in disclosing it to us in a responsible manner.
Please send a complete description of the issue to firstname.lastname@example.org, and include code samples and as much detail as possible. Our security team will acknowledge receipt of your email promptly and investigate the issue.
Most security reports will take less than 24 hours to investigate and determine a course of action. Please remain responsible and retain the private nature of this disclosure until the DonorDo security team has responded to your submission with a timeline of any mitigation underway.
We do not pursue any action against anyone who discloses issues through this process. DonorDo does not compensate disclosing parties for submissions.