Security

Culture 

• There is nothing more important to us than the security of your data
• We have built a culture at Volunteero that places the upmost importance on security and data protection
• We make frequent reviews of our security protocols and ensure we adhere to the highest industry standards

Data 

• We adhere to GDPR regulations
• All data is stored in the EU
• Your organisation’s data is saved securely by Volunteero, and cannot be accessed by anyone but those within your organisation
• Data is not shared with any third-party and your data never leaves our database, except when you export it

Infrastructure

• We operate on Amazon Web Services servers based in Ireland
• Our databases are not accessible from the public internet, and cannot be accessed by anyone besides our own services. 
• All data is backed up every hour
• We keep extra capacity for redundancy, always operating from multiple data centers to not be dependant on one

Permissions

• Organisation admins retain full control over staff and volunteer access
• Organisation admins can restrict access to data per user
• Organisation admins can remove all access of their users at any time

Encryption

• All data transmitted over the network between you and Volunteero is always encrypted with HTTPS
• Passwords are always encrypted with best industry practices
• Only the user themselves can change their password
• Volunteero cannot access, or change the encrypted passwords
  

Internal Security

• We always follow best security practices with our databases and servers
• Anyone that has access to them must have a strong password and is always required to use 2FA to sign-in
• All requests to our load balancers, servers, databases, are always logged and monitored for suspicious activity