When you use our services you entrust us with YOUR valuable information. We have made it a priority to protect your data and to provide you with choices about controlling it.
We try to make all our policies as clear, fair, and readable. Please take the time to review our Terms of Service, Refund Policy, Privacy Policy. European Union and Switzerland customers should review our DPF Privacy Policy and GDPR pages.
Donor Tools primary data and servers are hosted at Rails Machine's data center (Atlanta, GA).
The data center is Type 2 SSAE 16 SOC 1 accredited and includes keycard protocols, biometric scanning protocols, armed guards, and round-the-clock surveillance. Our environment is colocated, meaning we have full control of the physical environment and only our policies affect the access and use of the hardware, network and software. We provide multiple levels of backups and redundancy to ensure uptime and peace of mind. Donor Tools itself has not undergone a SOC audit, but our data center has. A copy of the most recent SOC report may be provided on request after completing an NDA.
We use technical and physical controls designed to prevent unauthorized access to personal data. We restrict access to personal data only to our employees, contractors and agents who require access to operate, develop or improve our service. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution if they fail to meet these obligations.
Donor Tools offers payments through Stripe. ("Stripe"), a third-party payment processor. In order for you to use Stripe's payment processing services, you must register with Struoe as a merchant.
The Stripe Terms of Service explain that process and are available here.
The Stripe Privacy Policy is available here.
By accepting this agreement with Donor Tools, you agree that you have reviewed the Stripe Terms of Service and Privacy Policy for the country in which you are located and agree to them.
All personal information stored in Donor Tools can be accessed, modified, and exported through the web interface. You can read more about personal information deletion in our privacy policy. To request an export and/or deletion of personal data for other individuals, like your employees or customers that you have provided to us and who have requested this of you — please email us at [email protected]. We will respond to these requests in under 30 days, as required under GDPR.