Privacy Policy
This Privacy Policy explains how personal data may be collected, used, stored, and protected when organisations use the Platform.
1. Purpose of processing
The Platform processes information for operational review, donation-risk monitoring, case management, audit history, reporting, evidence preparation, and related administrative purposes.
2. Types of data processed
Data may include donor names, transaction identifiers, donation amounts, dates, countries, payment processors, review notes, case decisions, audit history, uploaded files, generated reports, and related operational records.
3. User responsibility
Organisations using the Platform remain responsible for ensuring that personal data uploaded, connected, or processed through the Platform is collected and used lawfully, fairly, transparently, and in accordance with applicable data protection obligations.
4. Use of data
Data is used to provide Platform functionality, generate risk indicators, create review cases, maintain audit records, prepare reports, support evidence generation, improve system reliability, and assist with operational support where required.
5. Data sharing
Platform data is not intended to be sold. Data may be shared only where necessary to provide the Service, comply with legal obligations, support authorised user requests, protect system security, or where otherwise permitted by applicable law.
6. Data security
Reasonable technical and organisational measures should be used to protect data against unauthorised access, loss, misuse, alteration, or disclosure. No system can guarantee absolute security.
7. Data retention
Data should be retained only for as long as necessary for operational, contractual, legal, audit, compliance, or legitimate business purposes. Retention periods may vary depending on the organisation, use case, and applicable obligations.
8. Rights and requests
Individuals may have rights under applicable data protection law, including rights to access, correction, deletion, restriction, objection, portability, and complaint. Organisations using the Platform are responsible for handling applicable data subject requests where they act as controller.
9. Updates
This Privacy Policy may be updated from time to time to reflect changes in the Platform, operational practices, legal requirements, or data protection approach.
Last updated: 2026