The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). GDPR came into effect across the EU on May 25, 2018.
If your organization is based in the EU or you process the personal data of individuals in the EU, then the GDPR affects you.
Key points regarding the GDPR:
Custom Donations forms can easily be configured to gain consent and so your constituents can opt-in to your email marketing.
Custom Donations [we] collects personal information about users [you] who conduct transactions through our forms. At a minimum, this includes your IP and email address. Additional information, beyond IP and email address, is determined by the organization with whom you are conducting the transaction [our clients].
The information collected on behalf of our clients allows them to conduct and manage that transaction.
The information is securely passed to our clients through the payment processor (Stripe). Please visit their site for more information on their policies.
Additionally, certain information may be passed to our clients' data processors if the client has opted to do so. Please refer to their policies for more detail. Links to this information should be available, when relevant, on our donation forms (see How we help you with compliance section). This may include:
Personal information is encrypted and securely stored on our servers.
Outside of passing your information to our clients and their data processors, we do not leverage or share your personal information. It is strictly used to manage your transaction or recurring payment.
At any time, you may request that your information be removed.
You may request a copy of the data we have on file at any time.
We do not store credit card numbers or financial data.
Reach a representative by emailing email@example.com.