Trust & Security
Built to protect the trust your community places in you.
Mosques and charities handle sensitive personal and donation data. Safain is designed with practical security features and clear governance so your team can work confidently.
World‑class infrastructure
Safain runs on Amazon Web Services (AWS) and relies on best‑in‑class providers (like Stripe) for payments — designed for reliability, redundancy, and security.
UK data residency
By default, Safain stores customer data in the UK (AWS London region). If you need a different region, talk to us.
Two‑factor authentication
Safain supports TOTP two‑factor authentication and can enforce it across your organisation for extra protection.
Encryption in transit & at rest
Connections are encrypted in transit (HTTPS/TLS). Sensitive secrets (like MFA secrets and integration keys) support encryption at rest using an application‑level encryption key.
Controlled access
Set clear roles and permissions so each team member only sees the data and tools they need to do their job.
Secure card processing
Safain uses Stripe for billing (and may use Stripe or Square for donations, where enabled). We don’t store raw card details on our servers — payments are handled by PCI‑compliant providers.
Audit logs
Safain records key security and administrative actions (like invites, role changes, and sign‑ins) so you can see what changed and when.
Right to access & delete
We help organisations respond to data access/export and deletion requests. As the data controller, your organisation stays in control of retention and deletion policies.
Questions about compliance?
If you need security details for due diligence (committee reviews, trustee checks, or onboarding), contact us and we’ll share the relevant information for your setup.