When you use our services you entrust us with YOUR valuable information. We have made it a priority to protect your data and to provide you with choices about controlling it.
Donor Tools primary data and servers are hosted at Rails Machine's data center (Atlanta, GA).
The data center is Type 2 SSAE 16 SOC 1 accredited and includes keycard protocols, biometric scanning protocols, armed guards, and round-the-clock surveillance. Our environment is colocated, meaning we have full control of the physical environment and only our policies affect the access and use of the hardware, network and software. We provide multiple levels of backups and redundancy to ensure uptime and peace of mind. Donor Tools itself has not undergone a SOC audit, but our data center has. A copy of the most recent SOC report may be provided on request after completing an NDA.
We use technical and physical controls designed to prevent unauthorized access to personal data. We restrict access to personal data only to our employees, contractors and agents who require access to operate, develop or improve our service. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution if they fail to meet these obligations.
Donor Tools offers payments through WePay, Inc. ("WePay"), a third-party payment processor. In order for you to use WePay's payment processing services, you must register with WePay as a merchant.
The WePay Terms of Service explain that process and are available here.
Canadian organizations: By creating a merchant account with WePay, you are agreeing to accept debit card payments. Please review the FCAC Code of Conduct Requirements.