Privacy Policy
Effective: [EFFECTIVE_DATE]
donationDefender (“we,” “us,” or the “Service”), operated by [LEGAL_ENTITY_NAME], takes your privacy seriously. This Policy describes what information we collect, how we use it, who we share it with, and the rights you have over it.
1. Information We Collect
Account information. When you create an account, we collect your email address, name, password (stored as a salted hash via AWS Cognito), and the organization you belong to.
Photos and analyses. When you upload photos of donated items, we store the photo files in AWS S3 and process them through our two-pass AI vision pipeline to identify items, extract visible text (sizes, brands, labels), assess condition, and estimate value. The structured outputs of those analyses are stored alongside your photos in our database.
Payment information. Subscription billing is handled by Stripe. We do not store your full credit-card number; we only retain a Stripe customer identifier, the last four digits, the brand of the card, and the billing email on file.
Usage and device information. We collect log data including IP address, device type, operating system, app version, timestamps of requests, and which features you interact with. This is used to operate, debug, and improve the Service.
2. How We Use Your Information
- To provide and operate the Service — account management, photo processing, value estimation, collection organization, tax-receipt support;
- To bill you for paid subscriptions and respond to payment-related inquiries;
- To send you transactional email (account confirmations, password resets, billing receipts, security alerts);
- To improve the Service in aggregate — e.g. measuring which features are used, identifying bugs;
- To comply with legal obligations and protect against fraud or abuse.
We do not sell your personal information, and we do not share it with advertisers.
3. Subprocessors & Third-Party Services
We use the following third-party services to operate donationDefender. By using the Service, you acknowledge that your data is processed by these providers under their own privacy terms.
- Amazon Web Services (AWS) — hosting infrastructure (US regions), identity (Cognito), photo storage (S3), database (Aurora), email delivery (SES);
- Anthropic, via AWS Bedrock — Claude vision and text models that perform the item-identification and value-estimation passes on your photos and their derived metadata. Photos and analyses are transmitted to Claude solely to produce the Service’s output and are subject to AWS Bedrock’s data-handling terms (in particular, customer content is not used to train foundation models);
- Stripe — payment processing and subscription billing;
- [ANALYTICS_PROVIDER_IF_ANY] — product analytics (if applicable; remove this line if you do not use a third-party analytics provider).
4. AI Processing & Photo Content
Photos you upload may incidentally contain personal information — faces of people in the background, identifying paperwork on a donated item, etc. Our AI pipeline focuses on identifying the donated items themselves and is not designed to extract or store information about identifiable individuals. We recommend that you avoid uploading photos that contain sensitive personal information of non-users.
Value estimates produced by AI are informational only and should not be relied upon for tax-filing or legally binding appraisals — see our Terms of Service for the full disclaimer.
5. Data Retention
- Account data: retained while your account is active. After you request account deletion, account data is removed within 30 days, except where retention is required by law;
- Photos and analyses: retained until you delete the item, delete the collection, or close your account. Backups may persist for up to 90 days after deletion;
- Billing records: retained for up to 7 years to satisfy United States tax-record requirements;
- Server logs: retained for up to 90 days, then deleted or aggregated.
6. Your Rights
You have the right to:
- Access the personal information we hold about you;
- Request correction of inaccurate data;
- Request deletion of your account and associated data;
- Export your collections and analyses in a portable format;
- Opt out of any non-essential email communications.
California residents (CCPA): you also have the right to know what categories of personal information we collect, the right to deletion, and the right to opt out of the “sale” of personal information (we do not sell personal information).
European Economic Area residents (GDPR): you also have the rights to portability, restriction of processing, and to lodge a complaint with your supervisory authority.
To exercise any of these rights, email [PRIVACY_EMAIL]. We will respond within 30 days.
7. Cookies & Tracking
The donationDefender website uses essential cookies and local storage to keep you signed in, remember your preferences, and operate basic features. We do not use third-party advertising cookies. Disabling essential cookies will break the Service.
8. Children
donationDefender is not intended for users under the age of 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us at [PRIVACY_EMAIL] and we will delete it.
9. International Data Transfers
Our infrastructure is hosted in the United States (AWS US regions). If you access the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer.
10. Security
We use industry-standard safeguards including TLS encryption in transit, encryption at rest for S3 and database storage, role-based access controls, and audit logging. No system is perfectly secure; we cannot guarantee absolute security and we encourage you to use a strong, unique password.
11. Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will notify active users by email and update the “Effective” date above.
12. Contact
Privacy requests: [PRIVACY_EMAIL]. General support: [SUPPORT_EMAIL].