Security
Your church's data deserves the same care you give your community.
1. Infrastructure
Kinship is hosted on dedicated virtual private servers with enterprise-grade hardware. Our infrastructure is isolated per deployment — no shared tenancy with other platforms.
- • Hosting: Dedicated KVM-based virtual private servers with isolated resources.
- • Network: All traffic routed through Nginx reverse proxy with rate limiting and request filtering.
- • Containers: Services run in Docker containers with minimal attack surface and no root privileges.
2. Encryption
All data is encrypted both in transit and at rest.
- • In Transit: TLS 1.2 or newer is enforced on every connection. HSTS headers tell browsers to refuse plain-HTTP connections to the site, which blocks SSL-stripping downgrade attacks.
- • At Rest: Database volumes use AES-256 encryption. Backups are encrypted before transfer.
- • Passwords: Hashed with bcrypt, which generates a unique random salt for every hash. Plain-text passwords are never stored.
3. Authentication & Access Control
Kinship uses a layered authentication and authorization model to ensure the right people have access to the right data.
- • Session Management: Secure, HTTP-only cookies with configurable expiry. Sessions are invalidated on password change.
- • Role-Based Access: Granular permissions system with roles (Owner, Admin, Staff, Volunteer, Member) controlling access to every feature.
- • API Keys: Scoped API keys for developer integrations with configurable permissions and rate limits.
- • Audit Logging: Every administrative action is logged with actor, timestamp, and details. Audit logs are immutable and retained permanently.
4. Data Protection
We follow the principle of least privilege and data minimization.
- • Tenant Isolation: Each church's data is logically isolated and every request is scoped to a single tenant, so one church's records cannot be reached from another church's account.
- • Backups: Automated daily database backups with point-in-time recovery. Backups are encrypted and stored separately from production data.
- • Data Export: Full data export available at any time. Your data belongs to you.
- • Data Deletion: Upon account termination, data is retained for 90 days (for recovery purposes), then permanently and irreversibly deleted.
5. Application Security
Security is built into our development lifecycle, not bolted on after the fact.
- • Input Validation: All user input is validated at API boundaries using strict schema validation (Zod). SQL injection, XSS, and CSRF protections are enforced platform-wide.
- • Dependency Management: Automated vulnerability scanning of all dependencies. Critical patches applied within 48 hours of disclosure.
- • Rate Limiting: API rate limiting protects against abuse and brute-force attacks.
- • Content Security: Strict Content Security Policy (CSP) headers prevent unauthorized script execution.
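The rate-limiting bullet above describes the protection against brute-force login attempts. The block below is an added example of the technique, not Kinship's code: a token-bucket limiter keyed on both the source IP and the target account, so that one host spraying many accounts and many hosts targeting one account are both slowed. The bucket sizes, refill rates, IP addresses and account name are assumptions chosen for the demo.

```javascript
// Added illustration (not Kinship's code): token-bucket rate limiting in front of a
// login endpoint. Bucket sizes, refill rates and the IP + account key scheme are
// assumptions chosen for the demo, not the platform's real limits.

class TokenBucketLimiter {
  // capacity: burst allowed from a full bucket; refillPerSec: sustained rate;
  // now: injectable clock (ms) so behaviour can be tested deterministically.
  constructor({ capacity, refillPerSec, now = () => Date.now() }) {
    this.capacity = capacity;
    this.refillPerSec = refillPerSec;
    this.now = now;
    this.buckets = new Map(); // key -> { tokens, updatedAt }
  }

  // Spend one token for `key`. Returns { allowed, retryAfterMs }; a denied call
  // consumes nothing, so a flood of denied attempts cannot extend the lockout.
  check(key) {
    const t = this.now();
    let b = this.buckets.get(key);
    if (!b) {
      b = { tokens: this.capacity, updatedAt: t };
      this.buckets.set(key, b);
    }
    const elapsedSec = (t - b.updatedAt) / 1000;
    b.tokens = Math.min(this.capacity, b.tokens + elapsedSec * this.refillPerSec);
    b.updatedAt = t;
    if (b.tokens >= 1) {
      b.tokens -= 1;
      return { allowed: true, retryAfterMs: 0 };
    }
    const deficit = 1 - b.tokens;
    return { allowed: false, retryAfterMs: Math.ceil((deficit / this.refillPerSec) * 1000) };
  }
}

// Brute-force guard for login: limit per source IP *and* per target account.
function makeLoginGuard(now) {
  const perIp = new TokenBucketLimiter({ capacity: 20, refillPerSec: 0.2, now }); // burst 20, then 12/min
  const perAccount = new TokenBucketLimiter({ capacity: 5, refillPerSec: 1 / 60, now }); // burst 5, then 1/min
  return function allowLoginAttempt(ip, email) {
    const byIp = perIp.check(`ip:${ip}`);
    const byAccount = perAccount.check(`acct:${email.trim().toLowerCase()}`);
    return {
      allowed: byIp.allowed && byAccount.allowed,
      retryAfterMs: Math.max(byIp.retryAfterMs, byAccount.retryAfterMs),
    };
  };
}

// Constructed scenario with a fake clock: one attacker, then a second IP, against one account.
function demo() {
  let clock = 0;
  const allow = makeLoginGuard(() => clock);
  const account = "pastor@example.org";
  const results = [];
  for (let i = 0; i < 6; i++) results.push(allow("203.0.113.7", account).allowed); // 5 ok, 6th denied
  const waitMs = allow("203.0.113.7", account).retryAfterMs; // about one minute until a token refills
  const otherIpBlocked = !allow("198.51.100.9", account).allowed; // account bucket is shared across IPs
  clock += 61000;
  const afterWait = allow("203.0.113.7", account).allowed; // one token has refilled, attempt goes through
  return { results, waitMs, otherIpBlocked, afterWait };
}
```

The per-account bucket is what defeats a distributed attack: the second IP in the demo has a full IP bucket of its own but is still refused because the account's bucket is empty. An in-memory Map is enough to show the logic; behind a load balancer the buckets live in a shared store so every instance sees the same counts.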
6. Payment Security
Kinship does not store, process, or transmit credit card data directly. All payment processing is handled by Stripe, a PCI DSS Level 1 Service Provider, the most stringent level of PCI DSS compliance.
Donation and payment data flows directly from the donor's browser to Stripe's servers. Kinship only stores transaction references and metadata necessary for reporting.
7. Incident Response
We maintain a documented incident response plan covering detection, containment, eradication, and recovery.
- • Monitoring: Real-time application and infrastructure monitoring with automated alerting.
- • Breach Notification: In compliance with the New York SHIELD Act (NY GBL Section 899-aa), affected users and the NYS Attorney General will be notified within 72 hours of confirming a data breach involving private information.
- • Post-Incident: Root cause analysis published for any incident affecting data integrity or availability.
8. Safeguarding & Sensitive Data
Churches handle uniquely sensitive data: pastoral care notes, safeguarding flags, background check results, and information about minors. Kinship provides additional protections for this data:
- • Safeguarding Module: Restricted access with separate permission controls. Only designated safeguarding officers can view flags and suspension records.
- • Pastoral Care Notes: Access restricted to assigned care team members with full audit trail.
- • Background Checks: Results stored with restricted access. Only status (cleared/pending/flagged) is visible to scheduling systems.
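The three bullets above, together with the tenant isolation and role model described earlier, amount to a deny-by-default authorisation policy: tenant first, then role, then the designation or assignment a restricted record requires. The block below is an added example of such a check written for this page, not Kinship's code. The record shapes, the role ordering, the `safeguardingOfficer` and `careTeam` fields, the "member" record rules and all users and records in the demo are assumptions constructed for illustration; the access trail is a plain array standing in for the audit log store.

```javascript
// Added illustration (not Kinship's code): a deny-by-default authorisation check that
// applies tenant isolation first, then the page's role model, then the extra rules for
// safeguarding flags, pastoral care notes and background checks. Record shapes, the
// role ordering and the `safeguardingOfficer` / `careTeam` fields are assumptions.

const ROLES = ["Member", "Volunteer", "Staff", "Admin", "Owner"]; // assumed least -> most privileged

function roleAtLeast(role, minimum) {
  return ROLES.indexOf(role) >= ROLES.indexOf(minimum);
}

// Pure decision: returns { allowed, reason, view }. `view` is the projection the caller
// may see; it is omitted on denial so a caller cannot leak data by ignoring `allowed`.
function decide(user, record, action) {
  // Tenant isolation comes before anything else: an Owner of one church has no
  // standing in another, so the role ladder is never consulted across tenants.
  if (!user || !record || user.tenantId !== record.tenantId) {
    return { allowed: false, reason: "cross-tenant access" };
  }
  switch (record.kind) {
    case "safeguarding_flag":
      // Designation, not seniority, grants access: an Owner who is not a
      // designated safeguarding officer is denied like anyone else.
      if (!user.safeguardingOfficer) return { allowed: false, reason: "not a designated safeguarding officer" };
      return { allowed: true, reason: "designated safeguarding officer", view: record };
    case "pastoral_note":
      if (!(record.careTeam || []).includes(user.id)) return { allowed: false, reason: "not on the assigned care team" };
      return { allowed: true, reason: "assigned care team member", view: record };
    case "background_check":
      if (user.safeguardingOfficer) return { allowed: true, reason: "designated safeguarding officer", view: record };
      // Scheduling needs (Staff and above, read only) see the status field alone, never the report.
      if (action === "read" && roleAtLeast(user.role, "Staff")) {
        return { allowed: true, reason: "status only", view: { memberId: record.memberId, status: record.status } };
      }
      return { allowed: false, reason: "background check details are restricted" };
    case "member":
      // Ordinary directory records: any role may read, Staff and above may write (assumed policy).
      if (action === "read") return { allowed: true, reason: "directory read", view: record };
      if (roleAtLeast(user.role, "Staff")) return { allowed: true, reason: "staff write", view: record };
      return { allowed: false, reason: "write requires Staff or above" };
    default:
      return { allowed: false, reason: "unknown record kind" };
  }
}

// Every decision, including denials, is appended to `trail` so restricted data has a
// full access trail. Here `trail` is a plain array standing in for the audit log store.
function authorize(user, record, action, trail = []) {
  const decision = decide(user, record, action);
  trail.push({
    actor: user && user.id,
    tenantId: user && user.tenantId,
    kind: record && record.kind,
    action,
    allowed: decision.allowed,
    reason: decision.reason,
    at: new Date().toISOString(),
  });
  return decision;
}

// Constructed users and records for one church ("church_a") plus an outsider.
function demo() {
  const owner = { id: "u1", tenantId: "church_a", role: "Owner", safeguardingOfficer: false };
  const officer = { id: "u2", tenantId: "church_a", role: "Volunteer", safeguardingOfficer: true };
  const staff = { id: "u3", tenantId: "church_a", role: "Staff", safeguardingOfficer: false };
  const otherOwner = { id: "u9", tenantId: "church_b", role: "Owner", safeguardingOfficer: false };
  const flag = { tenantId: "church_a", kind: "safeguarding_flag", memberId: "m1", note: "constructed" };
  const note = { tenantId: "church_a", kind: "pastoral_note", memberId: "m2", careTeam: ["u3"], text: "constructed" };
  const check = { tenantId: "church_a", kind: "background_check", memberId: "m1", status: "cleared", report: "constructed" };
  const trail = [];
  return {
    crossTenant: authorize(otherOwner, flag, "read", trail).allowed,   // false: Owner elsewhere means nothing here
    ownerFlag: authorize(owner, flag, "read", trail).allowed,          // false: not a designated officer
    officerFlag: authorize(officer, flag, "read", trail).allowed,      // true: designation beats role
    staffNote: authorize(staff, note, "read", trail).allowed,          // true: on the care team
    ownerNote: authorize(owner, note, "read", trail).allowed,          // false: not on the care team
    staffCheckView: authorize(staff, check, "read", trail).view,       // { memberId, status } only
    auditEntries: trail.length,                                        // 6, denials included
  };
}
```

Two design choices carry the security weight. The tenant check runs before any role logic, so a bug in the role ladder can never become a cross-tenant leak; and the background-check branch returns a projection rather than the record, so the caller never holds the full result and cannot accidentally serialise it into a scheduling response.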
9. Compliance
Kinship is designed with regulatory compliance in mind:
- • New York SHIELD Act: Administrative, technical, and physical safeguards implemented per NY GBL Section 899-bb.
- • CAN-SPAM & TCPA: Communication features include built-in unsubscribe mechanisms, consent tracking, and opt-out compliance.
- • PCI DSS: Payment processing delegated to Stripe (Level 1 PCI DSS certified). No card data touches our servers.
10. Responsible Disclosure
If you discover a security vulnerability, we ask that you disclose it responsibly. Please email security@usekinship.com with details of the issue. We commit to:
- • Acknowledging your report within 24 hours
- • Providing regular updates on our investigation
- • Not pursuing legal action against good-faith security researchers
11. Contact
Questions about our security practices?
- • Security issues: security@usekinship.com
- • General inquiries: support@usekinship.com
- • Website: usekinship.com