FundraiserMax LLC Privacy Policy

Effective Date: March 9, 2026Version 1.0

1. Scope and Application

This Privacy Policy describes how FundraiserMax LLC (“FundraiserMax,” “we,” “us,” or “our”) collects, uses, shares, and protects information in connection with the FundraiserMax service (the “Service”).

This policy applies to Customer organizations that use the Service and to the individuals whose personal information is processed through the Service (including donors, contacts, and staff). In the context of data processed through the Service on behalf of a Customer, the Customer is the data controller and FundraiserMax is the data processor. FundraiserMax processes Customer Data solely in accordance with the Customer's instructions and the terms of the FundraiserMax Terms and Conditions Agreement.

As used in this policy, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. This includes, but is not limited to, name, postal address, email address, telephone number, payment information, and online identifiers such as IP address. Personal Information does not include aggregate or de-identified data that cannot reasonably be used to identify any individual.

2. Information We Collect

2.1. Account Information

When a Customer creates an account, we collect the organization's legal business name, administrator name, email address, phone number, and billing address. Customer is responsible for keeping this information accurate and current.

2.2. Customer Data and Donor Data

Customers submit data to the Service including contact records, donor information, donation and transaction history, financial data, communication logs, event records, and other information relevant to their fundraising operations. This data is owned exclusively by the Customer as set forth in the Terms and Conditions.

2.3. Payment Information

We collect payment information (such as credit card numbers) to process subscription billing. Payment data is transmitted using SSL encryption and processed in compliance with the Payment Card Industry Data Security Standard (PCI DSS). Full credit card numbers are not stored on our servers.

2.4. Automatically Collected Information

When you access the Service, we automatically collect certain technical information, including IP address, browser type and version, device information, operating system, referring URL, pages viewed, session duration, and usage patterns. This information is collected through server logs and similar technologies.

2.5. Cookies and Similar Technologies

We use cookies, local storage, and similar technologies to operate the Service, maintain sessions, and understand usage. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

3. How We Use Information

3.1. To Provide and Maintain the Service

We use the information collected to operate, maintain, and improve the Service, including authenticating users, managing accounts, providing customer support, and delivering the features described in our Help Documentation.

3.2. To Process Transactions

We use payment information to process subscription billing, issue invoices, and manage account status.

3.3. To Communicate

We use contact information to send transactional communications (such as service notices, billing confirmations, and security alerts) and, where permitted, product updates and announcements. Transactional communications are necessary for the operation of the Service and cannot be opted out of. Marketing communications may be opted out of at any time.

3.4. To Improve the Service

We use aggregate, de-identified usage data to analyze trends, monitor performance, and improve the Service. Such aggregate data does not contain personally identifiable or Customer-specific information, consistent with the Terms and Conditions.

3.5. For Security and Fraud Prevention

We use technical and usage information to detect, prevent, and respond to security incidents, fraud, abuse, and violations of our Terms and Conditions.

3.6. To Comply with Legal Obligations

We may process information as necessary to comply with applicable laws, regulations, legal processes, or governmental requests.

4. Information Sharing and Disclosure

We do not sell personal information. We share information only in the following circumstances:

4.1. Service Providers

We share information with third-party service providers who assist in operating the Service, including hosting, payment processing, and email delivery. These providers are bound by written confidentiality agreements and are permitted to use the information only to perform services on our behalf.

4.2. Legal Requirements

We may disclose information when required by law, court order, subpoena, or governmental regulation. Where permitted by law, we will provide written notice to the affected Customer before making such disclosure.

4.3. Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, Customer Data may be transferred as part of that transaction. We will notify affected Customers of any such transfer and any choices they may have regarding their information.

4.4. With Customer's Consent

We may share information with third parties when Customer has explicitly consented to such sharing.

4.5. Aggregate and De-Identified Data

We may share aggregate or de-identified data that cannot reasonably be used to identify any individual or Customer. This is consistent with the Terms and Conditions, which exclude such data from the definition of Confidential Information.

5. Data Security

We maintain reasonable administrative, physical, and technical safeguards designed to protect the confidentiality, integrity, and availability of information processed through the Service. These measures include:

  • SSL/TLS encryption for all data transmitted between Customer devices and FundraiserMax servers.
  • Encryption of sensitive data at rest.
  • Role-based access controls and authentication requirements.
  • Regular security assessments and vulnerability testing.
  • Incident detection and response procedures.

No method of electronic transmission or storage is completely secure. While we strive to protect information using commercially reasonable measures, we cannot guarantee absolute security. This is consistent with the disclaimer of warranties in our Terms and Conditions.

6. Data Retention

We retain Customer Data for as long as the Customer's account is active and as needed to provide the Service. Specific retention practices include:

  • Active accounts: Customer Data is retained for the duration of the Term as defined in the Terms and Conditions.
  • After termination: Following account termination, Customer Data is retained on our live systems for a minimum of ninety (90) days to allow Customer to retrieve its data. After this period, data is deleted from live systems.
  • Backups: Daily backup copies of Customer Data are maintained for a period consistent with our standard business processes, which shall not be less than ninety (90) days.
  • Legal holds: We may retain information beyond the standard retention periods where required by law, regulation, or to preserve evidence in connection with legal proceedings.

7. Your Rights

7.1. Access and Portability

Customers may access and export their data through the Service at any time during the Term. Upon termination, Customers may request a copy of their data as described in Section 12.4 of the Terms and Conditions.

7.2. Correction

Customers may correct inaccurate information directly through the Service. Individuals whose personal information is processed through the Service on behalf of a Customer should direct correction requests to that Customer.

7.3. Deletion

Customers may request deletion of their data by terminating their account. Data deletion is subject to the retention periods described in Section 6 and any applicable legal requirements.

7.4. Opt-Out of Marketing Communications

You may opt out of marketing communications at any time by using the unsubscribe link in any marketing email or by contacting us at support@fundraisermax.com. Opting out of marketing communications does not affect transactional communications necessary for the operation of the Service.

7.5. California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

  • The right to know what personal information we collect, use, and disclose.
  • The right to request deletion of your personal information.
  • The right to opt out of the sale of personal information (we do not sell personal information).
  • The right to non-discrimination for exercising your privacy rights.

To exercise any of these rights, contact us using the information in Section 11.

7.6. How to Exercise Your Rights

To exercise any privacy right described in this policy, contact us at support@fundraisermax.com. We may need to verify your identity before processing your request. We will respond to verified requests within the timeframes required by applicable law.

8. Children's Privacy

The Service is designed for use by organizations and is not directed at children under the age of thirteen (13). We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

9. International Data Transfers and GDPR

The Service is operated from the United States. If you access the Service from outside the United States, you understand and consent to the transfer, processing, and storage of your information in the United States, where data protection laws may differ from those in your jurisdiction.

9.1. European Economic Area (EEA) Residents

If we collect or process Personal Information from residents of the European Economic Area, we do so in compliance with the General Data Protection Regulation (GDPR). Under the GDPR, EEA residents have additional rights, including:

  • The right to access their Personal Information and obtain a copy.
  • The right to rectification of inaccurate or incomplete data.
  • The right to erasure (“right to be forgotten”) in certain circumstances.
  • The right to restrict processing of their Personal Information.
  • The right to data portability in a structured, commonly used, machine-readable format.
  • The right to object to processing based on legitimate interests or for direct marketing purposes.
  • The right to withdraw consent at any time where processing is based on consent.

Where we process data on behalf of a Customer (as data processor), EEA residents should direct requests to exercise these rights to the applicable Customer (data controller). Where FundraiserMax acts as a data controller (e.g., for account and billing information), requests may be directed to support@fundraisermax.com. We will respond within the timeframes required by the GDPR.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide at least thirty (30) days' advance notice by posting the updated policy on this page with a new effective date and, where appropriate, notifying Customer administrators by email. Continued use of the Service after the updated policy takes effect constitutes acceptance of the changes.

11. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

FundraiserMax LLC
Email: support@fundraisermax.com
San Francisco, California, United States