Privacy Policy - Donor Charm

Privacy Policy for the Donor Charm Platform

Donor Charm LLC (“Donor Charm,” “us,” “we,” or “our”) provides products and services (“Services”) to support nonprofit organizations and educational institutions (our “Customers”) in their fundraising plans. Individuals who engage with our Customers and contribute to their fundraising efforts through use of our Services are “End Users” and “Donors.”

Please be aware that not all of the information in this Policy will be directly applicable to our handling of your personal information. If you are a Donor Charm Customer, there may be additional terms that govern your use of the Services that are provided in the agreement you have with Donor Charm. This Policy provides an overview of the possible circumstances in which we interact with your personal information.

Donor Charm and mobile carriers are not liable for delayed or undelivered messages.

Donor Privacy

Donor Charm is committed to protecting the privacy and security of our customers’ donor information. Donor Charm does not sell, trade, or rent personal information about donors with any third-party organizations. Donor data collected through our Services belongs to our Customers and is stored on our servers on their behalf.

SMS Consent & Messaging

Donor Charm offers messaging features that allow Customers to communicate with their donors and supporters. Donor Charm provides messaging infrastructure and tools, and Customers control the content, recipient lists, timing, and purpose of their communications.

Opt-In Consent Requirement

Before sending the first SMS message to a recipient, Customers must obtain the recipient’s agreement (“consent”) to receive messages. Consent must be clear and must inform the recipient of the types of messages they will receive. Customers are responsible for collecting and maintaining proof of consent, such as a signed form or a timestamped opt-in record.

Proof of Consent & Records

Customers must retain evidence of each consent event and provide it upon request if required for compliance reviews, carrier requirements, audits, or platform investigations. Consent is specific to the sender (the Customer) and the stated use or campaign; it is not blanket consent for other uses or other brands.

Opt-Out (Unsubscribe)

Opt-out messages are required and are unremovable from all/any marketing messages sent to End Users/Donors by Customers. Individuals may withdraw consent to collection, use, or disclosure at any time, subject to legal or contractual restrictions and reasonable notice.

If an End User/Donor opts out (for example, by replying STOP or using other opt-out mechanisms provided), no further SMS messages should be sent to that number unless the individual explicitly opts back in.

Customer Responsibility

Customers are solely responsible for:

Obtaining and documenting SMS consent from each recipient before messaging;
Ensuring recipient lists are accurate and up-to-date;
Complying with applicable communications laws, regulations, and industry guidelines;
Honoring opt-out requests and managing re-opt-ins appropriately.

Limitation of Liability

Donor Charm processes End User/Donor information in accordance with Customer instructions. To the fullest extent permitted by law, Donor Charm shall not be liable for Customer messaging practices that do not comply with consent requirements or applicable laws and carrier policies.

Data Collection

Donor Charm may collect personal data about donors for a number of reasons:

to administer and maintain accounts relating to donations and Donor Charm services
to facilitate fundraising, marketing, volunteer engagement, and communications
to communicate with donors and potential donors as requested by Customers
to comply with legal and regulatory requirements and applicable industry standards

Such personal information may include: name, address, phone number, e-mail address, and the last four digits of a credit card number / card type which a donor voluntarily provides through the Services.

(In accordance with PCI compliance regulations, all credit card information may be collected to process transactions but is not stored on Donor Charm servers.) In addition, Donor Charm keeps a record of each donor’s giving history. This information is kept on file for IRS purposes and may be used to analyze overall giving patterns and produce benchmark data.

Donor Charm may handle:

The personal information of Customers or potential customers (“Customer Information”); and
The personal information of End Users/Donors who use Donor Charm to support the fundraising efforts of our Customers (“End User Information”).

Donor Charm uses these categories of personal information differently because while we have a direct relationship with our Customers and therefore may determine why and how to handle Customer Information, our relationship with End Users is indirect and based on our relationship with our Customers. We only handle End User Information in accordance with our Customers’ instructions.

If you are an End User who has a relationship with one of our Customers and have a question about how your personal information is collected, used, or shared, or would like to exercise any rights you may have with respect to your personal information, please contact the Customer directly.

Information Security

We take seriously our responsibility to protect the security and privacy of your personal information. We maintain administrative, technical, and physical safeguards designed to protect the personal information you provide against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use.

Any suspected attempt to breach our policies and procedures, or to engage in any type of unauthorized action involving our information systems, is regarded as potential criminal activity. Suspected computer mischief may be reported to the appropriate authorities.

Office policies are in place to safeguard donor information, including:

Physical measures, including locked filing cabinets and restricted access to offices
Organizational measures, such as security clearances and limiting access on a “need to know” basis
Technological measures, such as the use of passwords and encryption

Individual records are kept only as long as necessary to fulfill the purpose for which they were collected and to comply with applicable laws.

Individual Opt-Out Policy

An individual may withdraw his or her consent to collection, use, or disclosure at any time, subject to legal or contractual restrictions and reasonable notice. Donor Charm makes reasonable efforts to keep donor files complete, up-to-date, and accurate.

Donors who wish to access, update, or correct personal contact information, remove themselves from a Customer database, or discuss a privacy concern should contact the applicable Customer directly. For general privacy concerns related to Donor Charm’s platform, contact us at hello@donorcharm.org.

Who we are

Our website address is: https://www.donorcharm.org.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available at https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Changes to this Policy

We may update this Policy from time to time to reflect changes in legal requirements, industry practices, or platform features. The effective date will be updated when changes are posted.

Who we are

Our website address is: https://www.donorcharm.org.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

Contact forms

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

Analytics

Who we share your data with

How long we retain your data

What rights you have over your data

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Additional information

How we protect your data

What data breach procedures we have in place

What third parties we receive data from

What automated decision making and/or profiling we do with user data

Industry regulatory disclosure requirements

Privacy Policy for Nonprofit Exchange/DonorCharm Platform

Nonprofit Exchange/DonorCharm, Inc. (“Nonprofit Exchange/DonorCharm,” “us”, “we” or “our”) provides products and services (“Services”) to support nonprofit organizations and education institutes (our “Customers”) in their fundraising plans. The individuals who engage with our Customers and contribute to their fundraising efforts through use of our Services are “End Users, Donors” of our Service.

Please be aware that not all of the information in this Policy will be directly applicable to our handling of your personal information. As a Nonprofit Exchange/DonorCharm Customer, there may be additional terms that govern your use of the Services that are provided in the agreement you have with Nonprofit Exchange/DonorCharm. This Policy provides an overview of the possible circumstances in which we interact with your personal information. If you have any

Nonprofit Exchange/DonorCharm & Mobile Carriers are not liable for delayed or undelivered messages.

Donor Privacy

Nonprofit Exchange/DonorCharm is committed to protecting the privacy and security of our customers’ donors information. Nonprofit Exchange/DonorCharm does not sell, trade or rent personal information about our donors with any/all third-party organizations. Donor data collected through our Service belongs to our customers and stored on our servers on their behalf.

Data Collection

Nonprofit Exchange/DonorCharm may collect personal data about donors for a number of reasons:

to administer and maintain accounts relating to donations and Nonprofit Exchange/DonorCharm services
to facilitate fundraising, marketing, volunteer engagement, communications
to communicate with donors and potential donors as requested by their customers
to comply with legal and regulatory requirements of the Cellular Telecommunications Industry Association (CTIA), the Federal Communications Commission (FCC) and the Mobile Marketing Association (MMA)

Such personal information may include: name, address, phone number, e-mail address and last four digits of credit card number/Card type which a donor voluntarily provides through the Service. (In accordance with PCI compliance regulations, All Credit Card information is collected but not stored on any/all Nonprofit Exchange/DonorCharm servers.) In addition, Nonprofit Exchange/DonorCharm keeps a record of each donor’s giving history. This information is kept on file for IRS purposes and is also used by Nonprofit Exchange/DonorCharm to analyze overall giving patterns in order and produce benchmark data.

The personal information of Nonprofit Exchange/DonorCharm Customers or potential customers (“Customer Information”), and

The personal information of End Users/ Donors who use Nonprofit Exchange/DonorCharm to support the fundraising efforts of our Customers (“End User Information”).

Nonprofit Exchange/DonorCharm uses these categories of personal information differently because while we have a direct relationship with our Customers and therefore may determine why and how to handle Customer Personal Information, our relationship with End Users is indirect and based on our relationship with our Customer. We only handle End User Information in accordance with our Customer’s instructions. If you are an End User who has a relationship with one of our Customer’s and have a question about how your personal information is collected, used, or shared, or would like to exercise any rights you may have with respect to your personal information, please contact the Customer directly.

Information Security

We take seriously our responsibility to protect the security and privacy of your personal information. We maintain administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.

Office policies are in place to safeguard donor information, including:

Physical measures, including locked filing cabinets and restricted access to offices
Organizational measures, such as security clearances and limiting access on a “need to know” basis
Technological measures, such as the use of passwords and encryption

Individual records are kept only as long as necessary to fulfill the purpose for which they were collected and to comply with applicable laws.

Individual Opt-Out Policy

Opt-Out Messages are required and are unremovable from all/any marketing messages sent to End Users/Donors by Customers. This is compliance with updated 2019 regulatory requirements of the Cellular Telecommunications Industry Association (CTIA), the Federal Communications Commission (FCC) and the Mobile Marketing Association (MMA)

An individual may withdraw his or her consent to collection, use or disclosure at any time, subject to legal or contractual restrictions and reasonable notice. Nonprofit Exchange/DonorCharm makes reasonable efforts to keep donor files complete, up-to-date, and accurate. Donors who wish to access, update or correct personal contact information, remove themselves from our database or discuss a privacy concern Nonprofit Exchange/DonorCharm can contact the administration department at support@nonprofitexchange.org.