> ## Documentation Index
> Fetch the complete documentation index at: https://docs.voucherify.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Organization security overview

> Protect your Voucherify account with authentication, role-based access, approval workflows, and data protection controls

Voucherify gives you a layered set of tools to secure your organization: from how members sign in, through what they can change, to how customer data is processed and protected. Use this section to configure authentication, manage access, enforce review workflows, and stay aligned with privacy regulations.

## What you can secure

<CardGroup cols={2}>
  <Card title="Account security" icon="shield-halved" href="/manage/account-security">
    Enable two-factor authentication, configure SAML SSO, monitor account activity, and set alerts for API usage and webhook failures.
  </Card>

  <Card title="Members and roles" icon="users" href="/manage/members-and-roles">
    Invite members, assign roles, and use projects to control who has access to data and actions across your organization.
  </Card>

  <Card title="Approval requests" icon="circle-check" href="/manage/approval-requests">
    Require review for sensitive operations on campaigns, vouchers, and customers to prevent errors and unauthorized changes.
  </Card>

  <Card title="Security and data protection" icon="lock" href="/manage/security-and-data-protection">
    Review Voucherify's GDPR and CCPA commitments and follow the procedures for executing customer data protection requests.
  </Card>
</CardGroup>

## Why organization security matters

Promotions touch sensitive parts of your business: customer data, marketing budgets, and revenue. A clear security setup helps you:

* Prevent unauthorized access: Strong authentication and SSO reduce the risk of compromised accounts.
* Limit unforeseen consequences: Role-based access and project scoping ensure members only reach the data and actions they need.
* Protect campaigns from mistakes: Approval workflows catch risky changes before they go live.
* Stay compliant: Built-in data protection processes help you meet GDPR, CCPA, and other privacy requirements.

## How the pieces fit together

The security offered by Voucherify combines as follows:

* Account security controls how members sign in and how you detect suspicious activity.
* Members and roles define what each signed-in user is allowed to do.
* Approval requests add a review step on top of roles for high-impact changes.
* Security and data protection covers how Voucherify processes customer data and how you respond to data subject requests.

## What's next?

Start with [account security](/manage/account-security) to enable 2FA and SSO, then review [members and roles](/manage/members-and-roles) to structure access for your team. Use [approval requests](/manage/approval-requests) to protect critical operations, and consult [security and data protection](/manage/security-and-data-protection) for privacy and compliance procedures.