Protect your data,
byte by byte:

Security & Privacy

At Millie, your security is our top priority. We are committed to safeguarding your data, so you can focus on your social impact program.


Application Security
Millie understands that application security is critical to protecting the data that you share with us. We maintain your trust by implementing best practices for identifying and protecting against potential threats and vulnerabilities. Some key best practices include conducting regular security assessments and testing, implementing strong authentication and access control measures, keeping software and libraries updated, and educating developers about secure coding practices. By prioritizing application security best practices, Millie reduces the risk of data breaches and cyber attacks, safeguarding both our own reputation and the privacy of our users.
Endpoint Security
Millie secures remote endpoints with next gen antivirus to detect and stop threats, securely configures and manages endpoints with a unified endpoint management solution while Millie operates entirely cloud-based to ensure the security and privacy of your data.
Business Continuity
At Millie, our comprehensive approach to business continuity encompasses proactive planning, risk assessments, and the implementation of resilient strategies to ensure minimal disruption in the event of unforeseen incidents.

Moreover, our cyber incident readiness is founded on rigorous preparation, including the development and regular testing of incident response plans. These plans are designed to swiftly and effectively address potential security breaches, cyber attacks, or other disruptive events, enabling us to mitigate the impact and swiftly restore normal operations.

By integrating robust business continuity and incident response protocols, we demonstrate our dedication to maintaining the trust and confidence of our users, partners, and stakeholders.
Security Training
At Millie, we understand the importance of keeping your digital assets secure. That's why we offer comprehensive security awareness training to empower your employees with the knowledge they need to recognize and respond to potential security threats. Our training programs are designed to equip your team with the skills to maintain a secure computing environment, reducing the risk of successful cyber attacks.

In addition, we emphasize the significance of secure coding practices. By integrating secure coding principles into your software development process, we help you build applications with security in mind from the very beginning. Our goal is to enable you to proactively mitigate security risks and develop resilient, secure applications that you can trust.


integrations collage
Secure User Data
Millie's comprehensive approach to securing user data involves implementing robust encryption, stringent access controls, and performing regular security audits to ensure that user data information remains protected from unauthorized access.

We prioritize the security of user data; complying with several relevant data privacy regulations such as EU GDPR and CPRA to uphold the highest standards of data security for our users and partners.
Access Controls
Millie leverages an access control model that ensures only those roles and individuals that are authorized and with a need-to-know have access to customer data.
Breach Reporting
At Millie, we understand the critical importance of compliance with data breach reporting requirements outlined in the California Privacy Rights Act (CPRA) and the General Data Protection Regulation (GDPR). As such, we commit to notifying relevant supervisory authorities or relevant data controller partners within 72 hours of detecting a breach.
Privacy Reporting
Millie maintains an accurate and up-to-date privacy policy and cookie policy that is available for anyone to read. We commit to transparency about how we handle and secure your data, what we collect, and why we collect it, always. You can find our privacy policy here:
millie collage

Frequently Asked Questions

What physical security assurances does Millie's cloud service providers offer?
At Millie, we take pride in the robust security measures integrated into every aspect of our operations, including our application development and physical infrastructure. Our application is developed on Heroku, a platform that utilizes Amazon Datacenters, known for their stringent security protocols and industry-leading infrastructure.

By leveraging Heroku's platform, which is built on Amazon Web Services (AWS), we inherit the comprehensive security features and certifications that AWS provides. This includes data encryption, network security, access controls, and regular security audits, ensuring that our application is hosted within a secure and reliable environment.

Moreover, the physical security of Amazon Datacenters, including measures such as strict access controls, surveillance systems, and rigorous personnel screening, directly contributes to the overall security posture of our application. As a result, our users can trust that their data is housed within a secure infrastructure that adheres to the highest standards of physical security.
How does Millie secure user's access to the Millie giving application?
At Millie, we ensure that our partners' users have the tools needed to secure their accounts from unauthorized access. That's why Millie supports SSO with SAML 2.0, and automated provisioning with SCIM 2.0 to make authentication and access control convenient and secure. Moreover, this means we can seamlessly integrate SSO with Auth0, Okta, Microsoft Azure, and OneLogin.
Is Millie giving PCI-DSS compliant?
All credit card information is handed off to our PCI-compliant processor, Stripe. Our servers never see nor store any credit card data.
Who are Millie's Subprocessors?
Millie's subprocessors typically include Stripe, Slack, and Google, but it can also include any of the integrations our partners choose to integrate into their organization on the Giving app.
Does Millie leverage the OWASP top 10 to secure its application development and code?
Millie development teams are trained to understand and address the vulnerabilities outlined in the OWASP Top 10, ensuring that these security risks are proactively mitigated throughout the development lifecycle.

By incorporating the OWASP Top 10 into our development practices, we prioritize the identification and remediation of critical security concerns such as injection attacks, broken authentication, sensitive data exposure, and other common vulnerabilities. This proactive approach allows us to build secure, resilient software that protects our users and their data.
video thumbnail arrow

Ready to make an impact?

Get started on Millie to launch or grow your corporate social impact program. Connect with employees and stakeholders by making impactful positive change with a low lift. Demo Millie’s real time corporate social responsibility tools with our all-in-one social impact platform.
Rated #1 on G2 based on user satisfaction 😊
You’ll be in very good company