Data security & trust
We don't have SOC 2 or ISO 27001 certifications. What we have is specific, honest, and verifiable: managed infrastructure, strict data isolation, and security practices built into the application from day one.
Infrastructure
We run on managed infrastructure so patching, uptime, and physical security are handled by providers with dedicated security teams.
Litegrants runs on DigitalOcean's managed PaaS with dedicated app, worker, and job components. No shared server processes, no noisy-neighbor risk.
All traffic passes through Cloudflare for DNS, DDoS mitigation, CDN, and Content Security Policy headers. HTTPS is enforced — there is no plain HTTP path into the application.
Grant data is stored in a managed PostgreSQL database on DigitalOcean with encryption at rest and automated daily backups. Database access is not exposed to the public internet.
Tenant isolation
Sharing infrastructure doesn't mean sharing data. Every database query in Litegrants is automatically and invisibly scoped to the authenticated organization — enforced directly at the data layer, not as an optional convention. There is no code path in the application that can return another organization's records.
Isolation is enforced at the database query level before any data is returned. It cannot be bypassed by manipulating URLs or session parameters.
Every part of the application that handles tenant data is required to enforce isolation — unenforced access is caught automatically in our test suite, not discovered at runtime.
No cross-tenant data access is possible through the application. One organization cannot see, enumerate, or infer another's grant data.
Tenant isolation is verified in our automated test suite — any regression is caught before it reaches production.
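A sketch of query-level tenant scoping with a matching regression check, as an added example rather than Litegrants' own code. The `grants` table, the `TenantScope` wrapper, the helper names and the sample rows are all constructed for illustration.

```python
import sqlite3

TENANT_TABLES = {"grants"}  # constructed allow-list of tables holding tenant data

def make_db():
    """In-memory database with constructed sample rows for two organizations."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE grants (id INTEGER PRIMARY KEY,"
                 " org_id INTEGER NOT NULL, title TEXT)")
    conn.executemany("INSERT INTO grants (id, org_id, title) VALUES (?, ?, ?)",
                     [(1, 10, "Arts fund"), (2, 10, "Youth sports"), (3, 20, "Food bank")])
    return conn

class TenantScope:
    """Hypothetical data-layer handle bound to one authenticated organization."""

    def __init__(self, conn, org_id):
        if not isinstance(org_id, int):
            raise PermissionError("no authenticated organization")
        self._conn = conn
        self._org_id = org_id

    def fetch(self, table, where="", params=()):
        # Table names come from a fixed allow-list; user values only travel as parameters.
        if table not in TENANT_TABLES:
            raise ValueError("not a tenant table: %r" % (table,))
        sql = f"SELECT id, title FROM {table} WHERE org_id = ?"
        if where:
            # Parentheses keep an OR in the caller's filter from escaping the org scope.
            sql += f" AND ({where})"
        return self._conn.execute(sql + " ORDER BY id", (self._org_id, *params)).fetchall()

def isolation_regressions(conn, org_ids):
    """Test-suite style check: return (org, foreign_row_id) pairs that leak."""
    leaks = []
    for org in org_ids:
        foreign = [r[0] for r in
                   conn.execute("SELECT id FROM grants WHERE org_id != ?", (org,))]
        scope = TenantScope(conn, org)
        visible = {r[0] for r in scope.fetch("grants")}
        for rid in foreign:
            # A foreign row must be invisible both in listings and by direct id lookup.
            if rid in visible or scope.fetch("grants", "id = ?", (rid,)):
                leaks.append((org, rid))
    return leaks
```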
Authentication & access control
Credentials are protected by industry-standard hashing. Access within an organization is governed by role and enforced on every request.
Passwords are hashed using bcrypt before they are ever written to the database. Litegrants never stores, logs, or transmits plain-text passwords.
Access is governed by role: Applicant, Grantee, Reviewer, Administrator, and System Admin. Each role sees only the data and actions it needs.
We use a strict "default-closed" model: every application action is explicitly verified against role permissions before it executes. If access isn't explicitly permitted, it is blocked — there is no fallback that grants access by omission.
Sessions use secure, HTTP-only cookies. Session data is not stored in the browser. Sessions expire on sign-out and can be invalidated server-side.
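A sketch of the "default-closed" check described above, as an added example rather than Litegrants' own code. The role names come from this page; the action names, the permission table and the handlers are constructed for illustration.

```python
import functools

ROLES = {"Applicant", "Grantee", "Reviewer", "Administrator", "System Admin"}

# Constructed permission table: only (action, role) pairs listed here are allowed.
PERMISSIONS = {
    "application.submit": {"Applicant"},
    "report.submit": {"Grantee"},
    "application.score": {"Reviewer"},
    "application.decide": {"Administrator"},
    "org.export": {"Administrator", "System Admin"},
}

HANDLERS = {}  # action name -> guarded handler, filled in by @action

def is_allowed(role, action_name):
    """Deny unless the role is known and explicitly listed for the action."""
    return role in ROLES and role in PERMISSIONS.get(action_name, set())

def action(name):
    """Register a handler so it can only run after the permission check."""
    def wrap(fn):
        @functools.wraps(fn)
        def guarded(role, *args, **kwargs):
            if not is_allowed(role, name):
                raise PermissionError(f"{role!r} may not perform {name}")
            return fn(*args, **kwargs)
        HANDLERS[name] = guarded
        return guarded
    return wrap

@action("application.score")
def score_application(app_id, score):
    return {"application": app_id, "score": score}

@action("application.archive")  # deliberately missing from PERMISSIONS
def archive_application(app_id):
    return {"archived": app_id}

def actions_without_policy():
    """Handlers that no role can call; a test can flag these as missing policy."""
    return sorted(set(HANDLERS) - set(PERMISSIONS))
```

An action with no entry in the table is blocked for every role, including the most privileged one, which is the "no access by omission" property.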
Data ownership
We're a tool, not a data warehouse. Your grant history is yours — exportable at any time and deletable on your schedule.
Export your complete grant history — applications, form submissions, decisions, reports — in CSV or JSON. One click, no support ticket required, no data held hostage.
After cancellation, your data remains accessible for 30 days so you can export everything before we delete it. We don't use data retention as leverage.
Customer data belongs to the customer. We don't use proprietary formats that make migration expensive. Standard CSV and JSON work everywhere.
Payment security
All billing is processed by Stripe, which is PCI DSS Level 1 certified — the highest level of payment security certification available. Litegrants never sees, handles, or stores your credit card number. Payment data goes directly from your browser to Stripe.
Email security
Litegrants sends transactional email through Postmark with authenticated sending. We do not maintain marketing email lists, do not share your email address with third-party marketers, and do not use email data for advertising purposes. The only emails you receive are ones directly related to your account and grant activity.
Secure development
Common attack vectors are addressed by construction, not by policy. Here's what that means in practice:
Secrets are never in the codebase. All credentials and API keys are stored as environment variables, isolated from source code entirely. A compromised repository does not expose production credentials.
Malicious data inputs cannot execute as code. All database interactions use strict parameterization — user-supplied data is always treated as data, never as instructions.
Protection against unauthorized cross-site actions. Every state-changing request is verified with a cryptographic token, preventing external sites from tricking users into performing unintended actions.
Protection against malicious scripts. Content Security Policy headers enforced at the network layer restrict what code can run in users' browsers.
Dependency hygiene. Third-party software components are reviewed and updated regularly to address newly discovered vulnerabilities.
Incident response
Application errors and anomalies are tracked via PostHog. In the event of a confirmed data breach, Litegrants is committed to notifying affected customers within 72 hours of confirmation — not discovery, confirmation — with a clear description of what happened, what data was affected, and what steps were taken.
For urgent security concerns, email [email protected].
Responsible disclosure
If you discover a security vulnerability in Litegrants, please report it to [email protected]. We commit to acknowledging your report within 48 hours and working with you on a responsible disclosure timeline.
We don't have a formal bug bounty program, but we take every report seriously and will keep you informed as we investigate and resolve the issue. We ask that you give us reasonable time to address a vulnerability before publishing details publicly.
What we're working toward
As Litegrants grows, we're evaluating formal certifications like SOC 2. Today, we focus on getting the fundamentals right: strong isolation, honest data practices, and security built into the architecture rather than applied after the fact.
Questions about our security posture? Email [email protected].