Security and Privacy
Security and privacy in the online world of data and donor management, payment processing and child sponsorship is a critical issue. We understand its importance and are dedicated to addressing it through as many means as possible. These are some of the many built-in features and methods in which REACH addresses security and privacy.
General
We use a Secure, Level 1 PCI compliant payment processor for encrypting and processing credit card payments. Learn more.
Your data and information are hosted and managed within secure data centers. Recurring assessments and risk management are continually completed to ensure compliance with industry standards.
Organizations have the ability to create a Privacy Police page to include on their web portal. Learn more.
Organizations can choose to make any Sponsorship, Campaign, Project and/or Place viewable to Admins only. Learn more.
Sponsorships
For added security and privacy measures, organizations can choose to use a placeholder image for the sponsorship’s profile image. Learn more.
For child protection and privacy measures, organizations can use alpha and numeric characters for the sponsorship title instead of using the sponsorship’s name. Learn more.
Due to privacy concerns, REACH is designed to automatically display a calculated age instead of the actual birthdate on a sponsorship profile page. Learn more.
REACH does not support contact directly between sponsors and sponsorships. We do facilitate easier communication between sponsors and sponsorships by allowing messages to be exchanged once moderated by the organization’s admins. Learn more.
Administrators
Organizations can control the notifications that their admins receive. This way, admins will only receive notifications that apply to the areas within the organization in which they are associated with. Learn more.
Organizations can set and control the levels of access each admin has within the different areas of their REACH account. Learn more.
Admins have the option to enable Two-Factor Authentication on their personal REACH Admin account to benefit from additional security from hackers. Learn more.
Admins can be limited to Read Only access to manage private account information such as billing details, domain names, campaign themes, donation setup and giving options. Learn more.
Donors
REACH includes a self-service Donor Portal. Organizations can disable access to the Donor Portal if desired. Learn more.
GDPR settings can be enabled within REACH to protect the personal data and privacy of EU citizens.
Donations
We offer hCaptcha to provide additional fraud protection. Learn more.
Several backend steps are taken during the donation process to help ensure donations are secure and completed.
Campaigns
Organizations can require admin approval before campaigns created by their donors are published. Organizations can also disable the ability for donors to create their own campaign. Learn more.
Organizations can choose to make the donor’s name and/or the donation amount anonymous on the public campaign page. Learn more.
Let’s Get Social