Data Storage & Architecture

Enterprise-grade security with multi-tenant architecture

Technical Overview - Updated January 2026

1. Architecture Overview

Eden2Olive uses a sophisticated multi-tenant architecture that ensures complete data isolation between different church organizations. This architecture provides enhanced security, scalability, and data integrity.

Our system separates data into two distinct layers: System Administration and Tenant Data, ensuring that your church's information remains completely isolated from other organizations.

2. Multi-Tenant Architecture

Each church organization (tenant) operates within its own isolated environment:

🔒 Complete Data Isolation

Each tenant has a dedicated database ensuring no cross-tenant data access

🛡️ Security by Design

Built-in security measures prevent unauthorized access at the database level

📊 Independent Management

Each church manages its own data, users, and settings independently

⚡ Optimized Performance

Database isolation ensures optimal performance for each organization

3. Database Schema

System Administration Layer

The system administration database contains:

  • Admin Users: System administrators and their roles
  • Tenant Registry: List of all church organizations using the system
  • System Settings: Global configuration and system-wide settings
  • Shared Data: States, countries, FAQ, and other reference data

Tenant Data Layer

Each tenant's database contains:

  • Users: Church staff and volunteers with system access
  • Members: Church member records and profiles
  • Families: Family groups and relationships
  • Financial Records: Offerings, funds, and expenditures
  • Activity Logs: Audit trail of all user actions
  • Settings: Church-specific configuration

4. Security Features

🔐

Encryption

Data encrypted in transit (TLS/SSL) and at rest (AES-256)

👥

Role-Based Access

Granular permissions control who can access what data

📝

Activity Logging

Complete audit trail of all system activities

🗑️

Soft Delete

Data marked deleted but recoverable if needed

🔄

Regular Backups

Automated daily backups with point-in-time recovery

🛡️

Database Firewall

Network-level protection against unauthorized access

5. Data Isolation Principles

Data Type System Admin DB Tenant DB
Users ✅ Admin users ✅ Church users
Members & Families ❌ Never ✅ All member data
Financial Records ❌ Never ✅ All financial data
Activity Logs ✅ Admin logs ✅ Tenant logs
Settings ✅ System settings ✅ Church settings

6. Backup & Recovery

We maintain robust backup and recovery systems:

  • Automated Daily Backups: Full database backups every 24 hours
  • Transaction Logs: Continuous transaction log backups for point-in-time recovery
  • Geo-Redundancy: Backups stored in multiple geographic locations
  • Retention Policy: Daily backups retained for 30 days, monthly backups for 1 year
  • Recovery Testing: Regular testing of backup recovery procedures
  • Disaster Recovery: Comprehensive disaster recovery plan with RTO < 4 hours

7. Performance Optimization

Our architecture is designed for optimal performance:

  • Database Indexing: Strategic indexes on frequently queried columns
  • Query Optimization: Optimized SQL queries with proper joins and filters
  • Connection Pooling: Efficient database connection management
  • Caching: Strategic caching of frequently accessed data
  • Soft Deletes: Improved performance by avoiding hard deletes
  • Monitoring: Real-time performance monitoring and alerting

8. Compliance & Standards

Eden2Olive adheres to industry best practices and compliance standards:

  • Data Protection: GDPR and CCPA compliant data handling
  • Security Standards: SOC 2 Type II controls implementation
  • Encryption: Industry-standard encryption (TLS 1.3, AES-256)
  • Access Control: RBAC (Role-Based Access Control) implementation
  • Audit Trails: Complete logging for compliance requirements
  • Data Retention: Configurable retention policies per requirements
Back to Home View Privacy Policy