Skip to main content

How Givebutter protects its users, donors, and donations

Givebutter utilizes the world’s very best payment encryption technology and security and regularly reviews all campaigns

Alyssa avatar
Written by Alyssa
Updated over 3 months ago

Donation security 💰

Givebutter utilizes the world’s best payment encryption technology and security. Payments are processed through our PCI-compliant payments partner Stripe, where funds are securely held until they are withdrawn via bank transfer. Givebutter does not have access to donor credit card information, and we take every measure to protect the personal information of users on our site.

User protections 💛

Givebutter campaigns are regularly reviewed with scrutiny behind the scenes to protect visitors from fraud, hate, discrimination, and other violations of our terms of service and privacy policy

Two-factor authentication 🔑

We also offer 2FA (two-factor authentication) for additional login security. If you log in from a new location, you will be required to use 2FA. You can access 2FA options on your personal profile – 2FA options are specific to your own email login. We recommend enabling 2FA as a best practice to keep your account secure.

SSL certificate 🔒

You can tell Givebutter has a valid SSL certificate by the lock icon in your browser in the URL bar. Click the icon to see more about the certification.

ssl security

Javascript ☕

JavaScript is required to view protected contact information on Givebutter campaign pages. This helps keep your organization's data safe from automated scraping tools.

Most browsers enable JavaScript by default. If you see a data protection notice, you might have JavaScript disabled by a browser extension, plugin, or security setting.

Here's how to enable JavaScript in popular browsers:

Google Chrome

  1. Click the three dots menu (⋮) in the top-right corner

  2. Select "Settings"

  3. Click "Privacy and security" in the left sidebar

  4. Select "Site Settings"

  5. Click "JavaScript"

  6. Ensure the "Sites can use JavaScript" option is enabled

Visit Google Chrome Help Center

Safari

  1. Click "Safari" in the top menu bar

  2. Select "Settings" (or "Preferences" in older versions)

  3. Go to the "Security" tab

  4. Check the box next to "Enable JavaScript"

Learn more on Safari

Edge

  1. Click the three dots menu (⋯) in the top-right corner

  2. Select "Settings"

  3. Click "Cookies and site permissions" in the left sidebar

  4. Find and click "JavaScript"

  5. Ensure "Allowed" is selected

Learn more on Edge

Firefox

These instructions are for experienced Firefox users. Changing settings in the Configuration Editor (about:config) can have serious effects on your browser’s stability, security and performance.

  1. Type about:config in the address bar and press Enter.
    A warning page may appear. Click Accept the Risk and Continue to go to the about:config page.

  2. Find the javascript.enabled preference. It should be set to true by default.

  3. If javascript.enabled is set to false, click the Toggle or Reset button to set it back to true.

Learn more on Firefox

Protection from spammers 💪

Givebutter implements several security measures to protect your organization's contact information from automated scraping and spam. Protecting your organization's contact information helps:

  • Reduce spam emails and unwanted calls

  • Prevent automated harvesting of contact details

  • Maintain donor and organization privacy

  • Ensure communication channels remain effective for legitimate purposes

Email + phone protection ✉️

  • Contact information on campaign pages is automatically hidden from automated data scraping tools when detected

  • Email addresses and phone numbers are encoded and only revealed when accessed by real users

  • JavaScript is required to decode and display protected information, preventing automated scraping by bots

Best practices 🌟

While Givebutter provides robust protection, we recommend:

  • Regularly monitoring your campaign's activity

  • Using the provided verification features

  • Keeping your account credentials secure

If you notice any unusual activity or have concerns about data protection, please contact the Givebutter support team for immediate assistance.

Additional security measures 🏦

From a technical standpoint, Givebutter uses best-in-class security standards applied to all systems including but not limited to firewalls, network and database ACLs, VPNs, encryption where possible, log retention and auditing, data backups, and private server networks.

Givebutter never stores any payment information. When users enter payment information on Givebutter, or when administrators withdraw funds to their bank accounts, we never store, transmit, or otherwise use this private information in our system. All this data is used directly with the relevant payment processing service (i.e. Stripe) and upholds their security standards, as well as PCI compliance.

At Givebutter, we use the access model of "least privilege," which means that each network program, software, contractor, employee, or other user will be granted the fewest privileges necessary to complete their job. In addition, all parties that have access to sensitive information (typically only for limited customer support purposes) undergo training and must adhere to strict security practices such as 2-factor authentication, VPN usage, and regular audits. We also employ:

  • Campaign verification badges to identify legitimate fundraising efforts

  • Secure data transmission using industry-standard encryption

  • Real-time monitoring for suspicious activity by our Trust & Safety team

  • Protection against automated form submissions

  • Regular security updates and improvements

Please don't hesitate to contact us at [email protected] if you believe someone is abusing our website.

Related content 📚

Did this answer your question?