Privacy Policy
How doGood collects, uses, protects, and handles account, CRM, donor, analytics, security, AI, and support data. Includes the no-sale/no-trade promise for customer and donor data.
The service collects information needed to run the CRM, including account details, organization settings, team roles, donor records, donation data, notes, files, attachments, interaction history, emails, imports, exports, receipt settings, integration settings, device details, IP address, cookies, logs, and usage events.
Information is used to provide the CRM, authenticate users, separate organization data, process billing, power imports and integrations, send service notices, troubleshoot issues, prevent abuse, monitor performance, maintain security, support customers, and honor customer configuration choices.
Do Good Labs collects product analytics about how the CRM is used, such as page views, feature usage, workflow completion, performance, errors, device/browser type, and general account activity. We use this to test the service, identify confusing areas, decide where to invest development effort, improve reliability, and make the product better for customers.
Do Good Labs does not sell, rent, or trade customer data or donor records. We do not share customer or donor data with data brokers, advertisers, or unrelated third parties for their own marketing. We share data only as needed to provide the service, comply with law, protect rights and security, complete business operations, or follow customer instructions.
Donor records are controlled by the customer organization. Privacy access, correction, deletion, communication opt-out, or donor-data questions should normally be directed to the nonprofit or organization that collected the donor relationship. Do Good Labs assists customers in responding when required.
Do Good Labs uses trusted providers for hosting, database storage, backups, payments, email delivery, analytics, security, AI features, support, file handling, and integrations. Providers receive only the access needed to perform their services and are expected to protect data appropriately.
The service uses reasonable safeguards such as encrypted connections, authenticated access, organization separation, role-based permissions, backups, monitoring, and administrative controls. No internet service can guarantee perfect security, and customers are responsible for strong passwords, user access, and safe handling of exports.
Authorized Do Good Labs personnel may access customer accounts or data when needed to provide support, investigate issues, improve reliability, protect security, comply with law, or maintain the service. Access is limited to people with a business need.
When a customer uses AI-assisted features, relevant CRM content may be processed to generate summaries, questions, drafts, recommendations, or other requested outputs. Customers should only use AI features with information they have permission to process and should review AI outputs before use.
Data is retained while needed to provide the service, maintain audit history, meet legal obligations, resolve disputes, prevent fraud, support backups, or follow customer instructions. Deleted data may remain in backups or logs for a limited period before routine deletion or de-identification.
The service uses cookies, local storage, logs, and similar technologies for login sessions, security, preferences, analytics, performance, and product improvement. These tools are not used to sell donor data or power third-party advertising profiles.
The CRM is not directed to children. Customers should avoid entering children's personal information, health information, financial account data, government IDs, or other sensitive information unless they have a lawful nonprofit purpose, required permissions, and appropriate safeguards.
Customers and users may contact Do Good Labs for privacy, security, data access, deletion, correction, billing, or support questions at support@dogoodlabs.com.