Enterprise-Grade Security

Your Church Data is Safe

We treat your data with the same reverence as you treat your ministry. Here's how we protect it.

TLS/SSL Encryption

All data in transit is encrypted with TLS 1.2+ (HTTPS). Every connection between your browser and FlexiCHURCH is secured with industry-standard encryption.

Multi-Tenant Isolation

Each church gets its own dedicated database. No other church, user, or administrator can access your data. Complete tenant-level isolation ensures maximum privacy.

Role-Based Access Control

Granular permissions let you control exactly who sees what. Assign roles to Pastors, Treasurers, Secretaries, Officers, and custom roles — each with specific permission sets.

Password Security

All passwords are hashed using bcrypt with automatic salting. We never store plain-text passwords. Rate limiting protects against brute force login attempts.

Audit Logging

Every significant action — logins, data changes, financial entries, role modifications — is recorded in a complete audit trail for accountability and compliance.

Automated Backups

Daily automated backups ensure your data is never lost. Backups are encrypted and stored in geographically separate locations for disaster recovery.

Infrastructure

Built on Google Cloud

FlexiCHURCH runs on Google Cloud Platform — the same world-class infrastructure that powers many of the world's largest applications. This gives your church enterprise-grade reliability, security, and scale without the enterprise overhead.

  • Highly available, auto-scaling managed cloud infrastructure
  • Automatic, redundant backups of your data
  • Fast, resilient delivery for churches worldwide
  • Data encrypted in transit (TLS) and at rest, isolated per church tenant
Google Cloud

Powered by Google Cloud Platform — reliable, secure, and built to scale with your ministry.

Security Details

How We Protect Your Data

Infrastructure Security

  • Application hosted on secured, monitored servers with 99.9% uptime SLA
  • DDoS protection and Web Application Firewall (WAF) in place
  • Regular security patches and dependency updates
  • Intrusion detection and real-time monitoring

Application Security

  • CSRF (Cross-Site Request Forgery) protection on all forms
  • XSS (Cross-Site Scripting) prevention with output encoding
  • SQL injection prevention through parameterized queries (Eloquent ORM)
  • Input validation and sanitization on all endpoints
  • Secure session management with automatic expiry

Payment Security

  • Payments processed by PCI-DSS compliant gateways (Paystack, Stripe, Flutterwave)
  • We never store credit card numbers or full bank details on our servers
  • Webhook verification ensures payment callbacks are authentic
  • Transaction logging for complete payment audit trail

Organizational Security

  • Access to production systems is restricted to authorized personnel only
  • Customer data access requires explicit authorization and is logged
  • Regular security reviews and code audits
  • Incident response procedures for rapid breach notification

Report a Security Vulnerability

If you discover a security vulnerability in FlexiCHURCH, please report it responsibly. We take every report seriously and will respond promptly.

Report Vulnerability

Email: support@flexichurch.com — Subject: "Security Vulnerability Report"