VoucherGrid is built with security at every layer. Here’s how we protect your business and your customers’ data.
Authentication
Sign-in methods
- Email and password – passwords must be at least 10 characters
- Google – sign in with your Google account
- Apple – sign in with your Apple ID
- Passkeys – passwordless biometric authentication (Touch ID, Face ID, or security keys)
Password security
- Passwords are hashed using a modern adaptive algorithm (scrypt) before storage – we never store plain text passwords
- New passwords are checked against the Have I Been Pwned breach database to prevent use of compromised passwords
- Account lockout triggers after repeated failed login attempts
Two-factor authentication (2FA)
Two methods are available:
- Email OTP – a one-time code sent to your email (valid for 10 minutes)
- Authenticator app (TOTP) – time-based codes via apps like Google Authenticator or Authy
Backup codes are provided when you enable 2FA. You can also mark devices as trusted to skip 2FA for 30 days.
We recommend enabling 2FA for all team members, especially Owners and Admins.
Data encryption
In transit
- All connections use HTTPS (TLS)
- Database connections use SSL with certificate verification
- Redis connections use TLS
At rest
- Integration credentials (Xero, QuickBooks) are encrypted with AES-128 using a versioned keyring
- OAuth tokens are stored encrypted
- 2FA secrets are stored encrypted
- Personal information (email, name, phone) uses a dedicated encryption key separate from other data
- API keys are stored as one-way hashes – the plaintext key is shown only once when generated
Data isolation
Every query is scoped by your account. Your data is completely isolated from other VoucherGrid accounts:
- Account ID is resolved from your authenticated session – it’s never accepted from request parameters
- Background jobs receive account context explicitly
- Team members with location restrictions can only access data from their assigned locations
Audit logging
Every significant action is recorded in an append-only audit log:
- Voucher events – created, redeemed, voided, refunded, expired
- Authentication – logins, logouts, password changes, 2FA events
- Team changes – invites, role changes, removals
- Settings and integration changes
- Billing events
The audit log uses a cryptographic chain so that any tampering with entries can be detected. Email addresses in the log are stored in masked form.
Default retention is 3 years. Logs can be exported from the Reports page.
Payment security
VoucherGrid uses Stripe for all payment processing. Card details are entered directly into Stripe’s secure payment form – they never touch VoucherGrid’s servers. This qualifies us for PCI DSS SAQ-A, the simplest compliance level.
Data privacy
Your rights
- Export your data – Owners can export all account data at any time
- Delete your account – account deletion removes all data, including files stored in cloud storage
- Data retention – after account cancellation, access continues through the grace period, then account access locks; customer personal information is anonymised where appropriate, and voucher and financial records are retained as legally required
Customer rights (GDPR)
Gift voucher buyers can:
- Request a copy of their personal data
- Request deletion of their personal data
These requests are handled through a verified process with a 48-hour download link.
Hosting
| Service | Provider | Region |
|---|
| API and database | Render | Oregon, US |
| Frontend | Vercel | Sydney, Australia |
| File storage | Cloudflare R2 | Global CDN |
Compliance
| Standard | Status |
|---|
| PCI DSS SAQ-A | Card data handled entirely by Stripe |
| GDPR | Data subject access requests and right to erasure supported |
| Australian Consumer Law | Built around Australian voucher expiry rules |
| Australian GST | Reporting built around cash and non-cash accounting methods |