Built to protect donor trust
Your donors trust you with their information; you’re trusting Occam with it. Here’s how we keep it safe.
Per-organization isolation
Every organization's data is walled off from every other. Access is checked on each request against your membership and role — one org can never read or touch another's donors, gifts, or campaigns.
Encryption in transit & at rest
All traffic is served over HTTPS/TLS, and sensitive fields are encrypted at rest with a dedicated key. Even at the database level, the most sensitive values aren't stored in the clear.
Role-based access
Owner, Admin, and Staff roles grant only what each person needs. Billing and settings stay with owners and admins; day-to-day work is open to staff.
Audit trail
Sensitive actions are recorded with who did them and when, so there's always an answer to “who changed this?”
Passwordless sign-in
Occam uses email magic-link authentication — there's no password to guess, reuse, or leak, and sign-in links are single-use and short-lived.
Payments handled by Stripe
Donations run through Stripe on your own connected account. Card details go straight to Stripe and never touch Occam's servers, keeping card data out of scope.
Tested continuously
An automated security test suite runs on every change — covering cross-tenant isolation, authorization, and injection — so a regression is caught before it ships.
Your data, your call
You can export a donor's full record, or permanently erase it on request, to support privacy obligations like GDPR and CCPA.
Occam is an early-stage product, and this page describes the safeguards in place today rather than a finished compliance program. Found something that looks off? Please reach out through our Contact link in the footer — we take responsible disclosure seriously and will respond quickly.