Privacy Policy

Last updated: March 24, 2026

MyDonateBox is operated by BitterSweet Software Inc. ("we", "us", "our"), a company based in Hamilton, Ontario, Canada. This privacy policy explains how we collect, use, and protect your information when you use our website, dashboard, and embeddable donation widget (collectively, the "Service").

Information We Collect

Account Information

When you create an account through Google sign-in (powered by Clerk), we receive and store your email address and name from your Google profile. We also store the organization name you provide during setup.

Payment Information

We do not collect, store, or process payment card information. All payment processing is handled by Stripe. When you connect a Stripe account, we store a Stripe account identifier to link your organization to your payment account. We do not have access to your bank account details, card numbers, or other financial credentials.

Widget Configuration

We store the configuration data you set for your donation widgets, including titles, descriptions, donation amounts, currency, color preferences, and theme settings.

Donor Information

When a donor makes a donation through a widget, the transaction is processed entirely by Stripe on your connected account. We do not collect or store any personal information about donors. Donor data (name, email, payment details) is managed by Stripe and visible in your own Stripe dashboard.

Usage Data

We may collect anonymized usage data in the future to improve the Service, such as page views and feature usage. If we implement analytics, this policy will be updated accordingly.

How We Use Your Information

We use the information we collect to:

Third-Party Services

We use the following third-party services that may process your data:

Data Storage and Security

Your data is stored on AWS infrastructure in the United States. We use encryption in transit (TLS/HTTPS) and at rest for all stored data. Access to production systems is restricted to authorized personnel only.

Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

Your Rights

You have the right to:

If you are a resident of the European Economic Area (EEA) or the United Kingdom, you have additional rights under GDPR. If you are a resident of Canada, your rights are protected under PIPEDA. To exercise any of these rights, contact us at the email below.

Cookies

Our dashboard uses essential cookies for authentication session management (provided by Clerk). We do not use advertising or tracking cookies. The embeddable widget does not set any cookies.

Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

Contact Us

If you have questions about this privacy policy or your personal data, contact us at:

BitterSweet Software Inc.
Hamilton, Ontario, Canada
support@mydonatebox.com