Trust & Security

Your data is safe
with us

Enterprise-grade security practices protect your campground data and guest information. Encrypted, monitored, and compliant.

Security by design

Security isn't an afterthought. It's built into every layer of Campdesk.

🔒

Encryption Everywhere

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Your campground data and guest information are protected at every layer.

🏢

SOC 2 Compliance

Currently pursuing SOC 2 Type II certification, with completion planned for Q4 2026. We meet enterprise-grade security standards.

🏦

PCI DSS Compliant

Payment processing through Stripe ensures PCI DSS compliance. We never store full credit card numbers or sensitive payment data.

🛡️

Data Isolation

Each campground's data is logically separated and isolated. No campground can access another's information or guest data.

💾

Automated Backups

Daily automated backups with point-in-time recovery. Backups are encrypted and stored across multiple geographic regions.

🔍

Security Monitoring

24/7 security monitoring with real-time threat detection. Suspicious activity triggers immediate alerts and investigation.

Security policies

Comprehensive security measures across our entire platform.

Access Control

  • Multi-factor authentication for all admin accounts
  • Role-based permissions for team members
  • Regular access review and cleanup
  • Principle of least privilege enforcement

Infrastructure Security

  • AWS cloud infrastructure with security best practices
  • Network segmentation and firewall protection
  • Regular security patching and updates
  • Intrusion detection and prevention systems

Application Security

  • Secure coding practices and code reviews
  • Regular vulnerability scanning and penetration testing
  • Input validation and SQL injection prevention
  • Session management and CSRF protection

Compliance & certifications

🏆

SOC 2 Type II

Pursuing certification

Target: Q4 2026

💳

PCI DSS

Compliant via Stripe

Active

🛡️

GDPR & CCPA

Privacy compliant

Active

Responsible disclosure

We welcome reports of security vulnerabilities from researchers and the community. If you discover a potential security issue, please report it responsibly.

How to report

  • Email: security@campdesk.co
  • PGP Key: Available upon request for sensitive reports
  • Response Time: We acknowledge reports within 24 hours

What to include

  • Detailed description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact assessment
  • Your contact information

Our commitment

  • We will not pursue legal action against good-faith researchers
  • We will work with you to understand and resolve the issue
  • We will keep you updated on our progress
  • We will publicly acknowledge your responsible disclosure (if desired)

Questions about security?

Our security team is happy to discuss our practices with prospective customers.

Contact Security Team