Privacy Policy

1. Introduction

CharityAI ("we," "us," "our," or "Company") operates the website and provides AI automation services designed specifically for nonprofit organizations. We are committed to protecting your privacy and ensuring transparency about how we collect, use, and protect your personal information.

This Privacy Policy explains our data practices and your rights regarding your personal information. By accessing our website and using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services.

We are committed to compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy laws. Our privacy practices are designed to give you confidence that your information is handled responsibly and securely.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including:

• Account Information: Name, email address, phone number, organization name, and job title when you create an account or contact us.
• Communication Data: Messages, inquiries, feedback, and other correspondence you send to us through email, contact forms, or support channels.
• Organizational Data: Information about your nonprofit organization, including mission, programs, donor information, and operational data that you input into our platform.
• Payment Information: Billing address, payment method details, and transaction history when you subscribe to our services.

2.2 Information Collected Automatically

When you visit our website or use our services, we automatically collect certain information about your device and usage patterns:

• Device Information: Device type, operating system, browser type, IP address, and unique device identifiers.
• Usage Data: Pages visited, features used, time spent on our platform, click patterns, and interactions with our services.
• Location Data: General geographic location based on IP address (not precise GPS location).
• Log Data: Server logs containing access times, pages requested, and error information.

2.3 Information from Third Parties

We may receive information about you from third parties, including integrated platforms you connect to our service (such as Salesforce, QuickBooks, or Google Workspace), analytics providers, and data providers. We only collect information in accordance with applicable laws and with proper authorization.

3. How We Use Your Information

We use the information we collect for various purposes, all aimed at improving our services and your experience:

3.1 Service Delivery

• Providing, maintaining, and improving our AI automation platform and services
• Processing transactions and sending related information
• Providing customer support and responding to inquiries
• Sending service updates, technical notices, and support messages

3.2 Communication

• Sending promotional materials, newsletters, and marketing communications (with your consent)
• Responding to your comments, questions, and requests
• Conducting surveys and gathering feedback about our services

3.3 Analytics and Improvement

• Analyzing usage patterns to understand how users interact with our platform
• Developing new features and improving existing functionality
• Monitoring and analyzing trends, usage, and activities for security purposes

3.4 Legal and Security

• Complying with legal obligations and responding to lawful requests from authorities
• Detecting, preventing, and addressing fraud, abuse, and security incidents
• Protecting the rights, property, and safety of CharityAI, our users, and the public

4. How We Share Your Information

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Cloud hosting and storage providers
• Payment processors and financial institutions
• Email service providers and communication platforms
• Analytics and data analysis providers

4.2 Business Transfers

If CharityAI is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required by law or if we believe in good faith that disclosure is necessary to:

• Comply with legal obligations and court orders
• Enforce our terms of service and other agreements
• Protect the safety, rights, and property of our users and the public

4.4 Third-Party Integrations

When you connect third-party applications (such as Salesforce, QuickBooks, or Google Workspace) to our platform, we may share necessary data with those services to enable integration. These third parties are responsible for their own privacy practices. We recommend reviewing their privacy policies.

5. Data Security

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction:

5.1 Security Measures

• Encryption: We use industry-standard SSL/TLS encryption for data in transit and AES-256 encryption for data at rest.
• Access Controls: We implement role-based access controls and multi-factor authentication to restrict unauthorized access.
• Regular Audits: We conduct regular security audits and penetration testing to identify and address vulnerabilities.
• Backups: We maintain regular backups of data to ensure business continuity and disaster recovery.

5.2 Limitations

While we implement robust security measures, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and for any activities that occur under your account.

6. Cookie Policy

We use cookies and similar tracking technologies to enhance your experience on our website and services.

6.1 Types of Cookies

• Essential Cookies: Required for basic website functionality, including authentication and security.
• Performance Cookies: Help us understand how you use our website and services to improve performance.
• Functional Cookies: Remember your preferences and settings for a personalized experience.
• Marketing Cookies: Used to track your interactions and deliver personalized advertising (with consent).

6.2 Cookie Management

You can control cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, blocking essential cookies may impact your ability to use our services. For more information about cookies, visit www.allaboutcookies.org.

6.3 Similar Technologies

We may also use web beacons, pixels, and similar tracking technologies to monitor website usage and effectiveness of marketing campaigns. These technologies work similarly to cookies and can be managed through similar methods.

7. Your Privacy Rights

Depending on your location and applicable laws, you may have certain rights regarding your personal information:

7.1 GDPR Rights (EU Residents)

If you are located in the European Union, you have the following rights:

• Right to Access: Request a copy of your personal information we hold.
• Right to Rectification: Request correction of inaccurate or incomplete information.
• Right to Erasure: Request deletion of your personal information under certain circumstances.
• Right to Restrict Processing: Request limitation of how we process your data.
• Right to Data Portability: Request your data in a structured, machine-readable format.
• Right to Object: Object to processing of your data for marketing or other purposes.

7.2 CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

• Right to Know: Request what personal information we collect, use, and share.
• Right to Delete: Request deletion of personal information we have collected.
• Right to Opt-Out: Opt out of the sale or sharing of your personal information.
• Right to Correct: Request correction of inaccurate personal information.

7.3 Exercising Your Rights

To exercise any of these rights, please contact us at the information provided in Section 9 below. We will respond to your request within the timeframe required by applicable law (typically 30 days). We may request verification of your identity to process your request.

8. Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, and resolve disputes. The retention period varies depending on the type of information and the purpose for which we use it:

8.1 Retention Periods

• Account Information: Retained while your account is active and for a reasonable period afterward for legal and business purposes.
• Organizational Data: Retained according to your subscription agreement and applicable record-keeping requirements.
• Usage Data: Typically retained for 12-24 months for analytics and security purposes.
• Legal Records: Retained as long as required by applicable law.

8.2 Data Deletion

When data is no longer needed, we securely delete or anonymize it. Some information may be retained in backup copies for a limited period but will not be accessible during normal operations.

9. Contact Information

If you have questions about this Privacy Policy, concerns about our privacy practices, or wish to exercise your privacy rights, please contact us:

If you are not satisfied with our response to your privacy inquiry, you may have the right to lodge a complaint with your local data protection authority.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes by posting the updated policy on our website and updating the "Last Updated" date at the top of this document.

For material changes, we will provide additional notice, such as sending an email notification or displaying a prominent notice on our website. Your continued use of our services after any changes constitutes your acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.