Security & Data Protection Overview
Nave — built to protect a parish's most trusted data
A summary for parish and diocesan procurement · Last updated June 2026
Hosting
Vercel (app/CDN) + Supabase (Postgres, auth) — managed US cloud
Encryption
TLS 1.2+ in transit; AES-256 at rest (platform-managed)
Tenant isolation
Per-parish row-level security at the database layer
Authentication
Managed auth, confirmed email, server-validated sessions
Payments
Stripe — Level 1 PCI; card data never touches Nave
Backups
Automated daily backups on managed infrastructure
Architecture & isolation
Nave is multi-tenant: every parish gets its own branded site and back office on shared infrastructure. Each parish's data is walled off at the database layer by row-level security policies keyed to parish membership — enforcement lives in the database, not just application code, so a request that isn't authorized returns nothing. Nave staff do not browse parish data in the course of operations.
Access control & authentication
Sign-in uses a managed authentication system with confirmed email addresses and secure, server-validated sessions. Within a parish, role-based access (pastor, staff, finance, ministry leader, member, and more) grants only the access each person needs. The most sensitive areas — finances, safe-environment/background-check compliance, and the household census — are restricted to designated parish office roles.
Encryption & infrastructure
All traffic is encrypted in transit (TLS); data is encrypted at rest on managed cloud infrastructure with automated backups. Nave is built on providers whose own security and compliance posture is independently audited (Vercel, Supabase, Stripe), so the parish inherits the controls of certified platforms.
Payments & PCI
Where a parish enables online giving, payments are processed by Stripe, a certified Level 1 PCI Service Provider. Card and bank details are transmitted directly to Stripe and never pass through or rest on Nave's servers, minimizing the parish's PCI scope by design.
AI & data use
Nave's AI exists to translate a parish's own authored content (Mass times, bulletins, ministry pages) into the languages its community speaks. Translation runs through enterprise providers whose terms prohibit training on customer data; parish content is processed to return a result and is not retained to train models. Private parishioner records are not read for AI, and human-edited translations always take precedence.
Data ownership, retention & deletion
All data a parish and its people enter belongs to the parish, governed by the parish's agreement with Nave. It is never sold or used for advertising. Parishes can request a full export at any time and deletion of their data when they leave; individuals may request access, correction, or deletion of their personal information.
Compliance posture
- Payments handled by a Level 1 PCI-certified processor (Stripe).
- Honors access, correction, and deletion rights (e.g. CCPA/CPRA) for everyone.
- Children's, safe-environment, and sacramental records carry the tightest access.
- Mobile-first throughout; actively working toward WCAG 2.1 AA accessibility.
- Built on SOC 2 / ISO 27001-certified infrastructure providers.
- Glad to review diocesan data-protection requirements and sign a DPA.
Nave is not itself SOC 2 / ISO 27001 certified today; it is built on infrastructure providers that are. We'll update this overview as our own certifications progress. A diocesan Data Processing Agreement template is available to review and sign.
Subprocessors
Security contact & responsible disclosure: hello@nave.live. A real person answers. For the full narrative, see the Trust Center, Privacy Policy, and Terms.