← Back to DonorPilot

Privacy Policy

Last updated: February 2026

Note: This is a draft and should be reviewed by legal counsel before being relied upon.

What We Collect

  • Account information: Name, email, organization name, and password (hashed).
  • Donor data: Information your organization uploads or enters — names, contact info, donation history, notes, and any custom fields.
  • Usage data: How you interact with the Service (pages visited, features used, AI queries made).
  • Payment information: Processed securely by Stripe. We don’t store your full card number.

How We Use Your Data

  • Providing the Service: Displaying your donors, generating reports, managing campaigns.
  • AI processing: Donor data is sent to our AI provider to generate email drafts, answer queries, and power workflows.
  • Billing: Processing subscription payments and calculating revenue share.
  • Attribution tracking: Tracking AI-assisted touchpoints to determine revenue share (see our Terms of Service).

Who We Share Data With

We do not sell your data. We share data only with the following service providers, solely to operate the Service:

  • Stripe — Payment processing.
  • Resend — Email delivery. Recipient addresses and email content are shared to send emails on your behalf.
  • Anthropic (Claude) — AI processing. Donor data relevant to your queries and drafts is sent to Claude to generate responses. Anthropic does not use this data to train models.

Data Retention

Your data remains active as long as your account exists. If you delete your account, we retain your data for 30 days (in case you change your mind), then permanently delete it.

Security

  • Encryption in transit: All data is transmitted over TLS.
  • Encryption at rest: Handled by Supabase (our database provider).
  • Tenant isolation: Row-Level Security (RLS) ensures each organization can only access its own data.

GDPR

If your organization manages donors in the EU, you are the data controller and DonorPilot is the data processor. We process personal data only on your instructions to provide the Service.

A Data Processing Agreement (DPA) is available on request. Contact us at support@donorpilot.app.

Cookies

We use minimal cookies — only what’s required for authentication sessions. No tracking cookies, no third-party analytics cookies.

Contact

Questions about this policy? Email us at support@donorpilot.app.