Security
We take the security of your church data seriously. Here's how we protect it.
Credential encryption
CHMS API keys, OAuth secrets, and tokens are encrypted at rest using AES-256-GCM before storage. We never log or expose credentials in plain text.
Infrastructure
We use Supabase (PostgreSQL) and Vercel for hosting. Data is encrypted at rest and in transit. All connections use HTTPS.
Origin validation
Widget API requests are validated by origin. We only return church data when the request comes from a domain you've approved in Settings. Unauthorized domains receive no data.
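One way a server-side origin allowlist check like the one described above could look, as an added example that is not this service's own code. The function names, the sample domains, and the HTTPS-only, default-port rule are assumptions.

```javascript
// Added example with hypothetical names; not the service's implementation.
// Approved domains as a church admin might enter them in Settings (constructed sample).
const APPROVED_DOMAINS = ["gracechurch.example", "www.gracechurch.example"];

// Parse an Origin header into a URL, or return null when it is missing,
// opaque ("null"), malformed, not HTTPS, or not in canonical origin form.
function parseOrigin(headerValue) {
  if (typeof headerValue !== "string") return null;
  let url;
  try {
    url = new URL(headerValue);
  } catch {
    return null;
  }
  if (url.protocol !== "https:") return null;
  // Round-trip check: rejects userinfo, paths, queries and trailing slashes,
  // none of which appear in a browser-serialized origin.
  if (url.origin !== headerValue) return null;
  return url;
}

function isApprovedOrigin(headerValue, approvedDomains) {
  const url = parseOrigin(headerValue);
  if (!url || url.port !== "") return false; // assumption: default port only
  // Exact hostname comparison; never substring, prefix or suffix matching.
  return approvedDomains.map((d) => d.toLowerCase()).includes(url.hostname);
}

// Returns a plain response object; loadChurchData is a hypothetical callback
// that is only invoked once the origin has been approved.
function handleWidgetRequest(headers, approvedDomains, loadChurchData) {
  const origin = headers["origin"];
  if (!isApprovedOrigin(origin, approvedDomains)) {
    // Unapproved origin: no data and no CORS grant.
    return { status: 403, headers: { Vary: "Origin" }, body: null };
  }
  return {
    status: 200,
    // Echo the single approved origin, never a wildcard.
    headers: { "Access-Control-Allow-Origin": origin, Vary: "Origin" },
    body: loadChurchData(),
  };
}
```

The `Origin` header is set by the browser, so a check like this governs which sites can embed the widget and works alongside the per-church access control rather than replacing it.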
Access control
Data is scoped by church. Users can only access data for churches they belong to. Team access is invite-based. We use Row Level Security (RLS) in the database.
Full data deletion
Churches can permanently delete all their data at any time from Settings. We delete everything: church profile, credentials, origins, tools, invites, and support tickets. No backups, no retention—when you delete, it's gone.
Questions about security?
We're happy to discuss our security practices with churches and partners.