Security, Privacy, and Control

Security influences everything we do at Micharity. Our policy is to go above and beyond to make sure your information is secure. With Micharity, you get the highest levels of security and reliability for your fundraising applications and data. We’ll keep our eyes on the software, so you can keep your eyes on your mission.

End-to-End Approach To Data Security

Secure by design

The core tenets of Micharity’s security program are to safeguard customer data and to maintain customer trust. Micharity uses a defense-in-depth approach to implement layers of security throughout our organization. We’re passionate about defining new security controls and continuously refining our existing ones. Our security program is driven not only by compliance and regulatory requirements, but also by industry best practices like the OWASP Top 10 and the CIS Critical Security Controls and threat intelligence.

PCI Compliant

The PCI DSS certification process is designed to protect your sensitive data. Micharity is a certified Level 1 PCI Compliant Service Provider (the highest level), which requires an annual independent security audit of our processes and systems. We test our system daily (manually and automatically) to ensure security.

Secure Technology

Micharity uses state-of-the-art cryptographic algorithms during data transmission (HTTPS with RSA 2048 bit key and SHA 256 certificate) and in our databases (AES 256 encryption with unique per-row keys). Our servers are kept in PCI and SSAE18 certified datacenters with 24x7 monitoring.

Training and Education

All Micharity employees undergo background checks and security training. The development team follows strict SDLC process and industry security guidelines.

Protecting Your Money

Your money is held in a protected account by our FDIC-insured or CDIC-insured partner banks, so your funds are never at risk.

We Do the Heavy Lifting

As security standards evolve, so do our systems. As a Level 1 PCI compliant service provider, we do ongoing work to keep our systems and services secure behind the scenes, thus making it easier for you to meet compliance obligations.

Data Storage & Location

Data is stored in the United States or Canada depending on where the nonprofit is based.

Reporting and Disclosure

We investigate all reported vulnerabilities, so if you believe you've discovered a problem, please email


Your privacy is important to us. Please see our Online Privacy Policy that explains how we collect, share,