HometownLiftHometownLift.

Security

How HometownLift protects donor data and organization funds

Payment processing, data storage, access controls, and platform infrastructure are all designed with security as a baseline, not an afterthought.

Request access

Payment security

Stripe handles all payment processing

PCI-DSS Level 1

Stripe is certified to the highest level of PCI compliance. HometownLift never stores, processes, or transmits card numbers.

Stripe Connect

Each organization connects their own Stripe account. Funds flow directly from Stripe to the organization's bank account.

No stored card data

Card information is entered directly into Stripe's hosted checkout. HometownLift never sees or stores payment credentials.

Encrypted in transit

All connections use HTTPS/TLS. Data in transit between the browser, HometownLift, and Stripe is encrypted.

Data security

Application data is isolated per organization

Row-level security

Every database query is scoped to the authenticated user's organization. Admins cannot see other organizations' data.

Role-based access

Directors, coaches, and athletes each see only what their role requires. Coaches cannot access financial data or other teams.

Invite-only access

Users can only join an organization through an explicit invite from an admin. There is no self-registration for org membership.

Hosted on Supabase

Application data is hosted on Supabase with PostgreSQL, row-level security policies, and automated backups.

Access controls

Who can do what

Directors

Full admin access

Manage organization settings, Stripe connection, campaigns, rosters, reporting, refunds, and team permissions.

Coaches

Team roster only

Import rosters, send athlete invites, and track participation. No access to financial data, other teams, or org settings.

Athletes

Own page only

Claim their personal fundraising page, add a photo and message, and share their link. No access to donations or admin tools.

Donor experience

What donors see

No account required

Donors give through a standard Stripe checkout. No login, no profile, no stored data on HometownLift.

Automatic receipts

Donors receive an email receipt from Stripe immediately after their donation is processed.

Related

How payouts work

When and how funds reach your organization.

Learn more →

How fees work

Step-by-step breakdown of the donor-paid fee model.

Learn more →

FAQ

Answers about fees, payouts, onboarding, and more.

Learn more →

Built for trust

A fundraising platform your board and donors can trust.

Request access