We ensure the security of your account in a number of ways. Elvanto has SSL Certificates installed to ensure your data is kept safe on any computer, hardened firewalls to keep the server safe and even CCTV surveillance and biometric access control at our data centres. We secure our login pages against brute force attacks – if a user fails to log in 5 times, they will get blocked (user will be unblocked when you send a reset password link to the user).
For access to your individual Elvanto account, we also give you the power to customize Access Permissions (a role-based access control feature) for your users. Access Permissions allow you to restrict a user’s access to various parts of the site. Only a super admin has the power to view and edit all parts of the site.
Our servers are located across Australia, the United States and Europe to ensure your data remains close to home and easy to access. Although a lot of church database programs host their content all in one place, we find that this can cause privacy issues with conflicting international privacy laws. Our hope is that in having our servers across multiple countries, it will reduce the risk of this happening.
Our uptime is 99.9% (well above the industry average). To help ensure you can always access your account, our data centers feature state-of-the-art multi-phase power redundancy, industrial quality cooling, fire suppression and backup power generation systems.
We make daily offsite backups of all data. Deleted information is kept for three months before being permanently deleted from the system. As our system is cloud based and fully hosted, you cannot gain access to the database schema.
Facebook integration is built using the OAuth2 protocol. Elvanto only accesses the person’s name, email, and profile picture which is used to create their account, or if their account is already created it will use their if no picture has been uploaded. Once integrated with the account, it simply gives users another way to log in using their Facebook credentials.
Elvanto complies with the Australian Privacy Principles (APP), as well as the Australian Spam Act.
Last Updated: 31st August, 2015