Causly ("we," "our," or "us") operates the causly.org platform and associated organization subdomains.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you
use our platform, whether as a nonprofit administrator, donor, volunteer, or visitor.
Information We Collect
Information You Provide
- Account information: Name, email address, password when you create an account.
- Contact information: Phone number, mailing address when making a purchase or signing up.
- Payment information: Payment details are processed directly by PayPal or Stripe. We do not store credit card numbers. We store transaction IDs for record-keeping.
- Custom form responses: Information you provide through custom checkout fields (e.g., veteran names, dedications, business information) as configured by the organization.
- Uploaded files: Documents or images you upload through checkout forms (e.g., business logos).
- Communication preferences: Your choice of how you'd like to be contacted (email, SMS, or both).
Information Collected Automatically
- Session data: We use cookies to maintain your login session. These are essential cookies required for the platform to function.
- Log data: Server logs may include your IP address, browser type, and pages visited for security and troubleshooting purposes.
How We Use Your Information
- Process your purchases and donations
- Send transaction confirmations and receipts
- Provide organizations with supporter and donor records
- Send communications you've opted into (email or SMS)
- Maintain and improve the platform
- Prevent fraud and ensure security
How We Share Your Information
We share your information only in the following circumstances:
- With the organization you're supporting: When you make a purchase or sign up, your information is shared with that nonprofit organization for their operational purposes.
- Payment processors: PayPal and Stripe process your payments under their own privacy policies.
- Service providers: We use Resend for email delivery, Amazon Web Services (AWS) for file storage, and Fly.io for hosting. These providers process data on our behalf under data processing agreements.
- Legal requirements: We may disclose information if required by law or to protect our rights.
We do not sell your personal information to third parties.
Data Storage and Security
Your data is stored on servers operated by Fly.io and Amazon Web Services in the United States.
Sensitive credentials (payment API keys, messaging tokens) are encrypted at rest using Rails Active Record Encryption.
All connections use HTTPS/TLS encryption in transit.
Cookies
We use essential session cookies to keep you logged in. We do not use tracking cookies,
analytics cookies, or advertising cookies. Third-party payment providers (PayPal, Stripe)
may set their own cookies when you interact with their payment forms.
Your Rights
You have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate information
- Request deletion of your account and associated data
- Opt out of non-essential communications
- Update your contact preferences at any time through your account portal
To exercise these rights, contact the organization you signed up with or email us at support@causly.org.
Children's Privacy
Our platform is not directed at children under 13. We do not knowingly collect personal
information from children under 13. If you believe we have collected such information,
please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes
by posting the updated policy on this page with a revised "Last updated" date.
Contact Us
If you have questions about this Privacy Policy, contact us at
support@causly.org.