Privacy Policy
Effective: July 8, 2026 · Last updated: July 8, 2026
This Privacy Policy explains how ThankFirst (“ThankFirst,” “we,” “us”) collects, uses, shares, and protects personal data. It covers our marketing website, our applications, and the donor data our customers process using the Service. It should be read alongside our Terms of Service and Security overview.
1. Overview & our two roles
ThankFirst provides donor-development software to nonprofit organizations. We handle personal data in two distinct roles:
- As a controller — for personal data we determine the purposes of, such as the account details of the staff who administer an organization, website visitors, and people who request a demo or contact us.
- As a processor— for the Donor Data that customer organizations import and manage in the platform. The customer is the controller of that data and decides why and how it is processed; we process it only on the customer's documented instructions to provide the Service.
If you are a donor or contact of an organization that uses ThankFirst, that organization — not ThankFirst — is responsible for your data; please direct privacy requests to them (see section 11).
2. Information we collect
Account data
Name, work email, organization name, role, and authentication data when you sign up, are invited, or manage a Subscription. If you subscribe to a paid plan, our payment processor collects billing details; we receive limited billing metadata (such as plan, status, and the last four digits of a card) but not full card numbers.
Donor data (processed on behalf of customers)
Names, contact details, giving history, capacity or wealth ratings, tags, notes, and related records that a customer organization imports or enters. This data belongs to the customer; we process it only to provide the Service.
Usage & device data
Pages and features used, actions taken, approximate location derived from IP address, browser and device type, and log data. We use this to operate, secure, troubleshoot, and improve the product.
Communications
Information you provide when you request a demo, contact support, or correspond with us, including the content of your messages.
3. How & why we use data
- provide, maintain, and secure the Service, including tenant isolation and access control;
- generate donor classifications, ask-amount guidance, and stewardship recommendations for our customers;
- process billing and manage Subscriptions;
- respond to demo requests, support inquiries, and other communications;
- monitor performance, detect and prevent fraud or abuse, and diagnose technical issues;
- understand aggregate usage to improve features and reliability; and
- comply with legal obligations and enforce our agreements.
We do not sell personal data, we do not use Donor Data to train machine-learning models, and we do not use Donor Data for advertising.
4. Legal bases for processing
Where the GDPR or similar laws apply and we act as a controller, we rely on: contract (to provide the Service you request), legitimate interests (to secure, operate, and improve the Service, balanced against your rights), consent (for optional analytics cookies and marketing, where required, which you may withdraw), and legal obligation (to meet record-keeping and compliance requirements). Where we act as a processor of Donor Data, the customer (controller) is responsible for establishing the legal basis for that processing.
6. International data transfers
We and our subprocessors may process data in the United States and other countries. Where we transfer personal data across borders in a way that triggers legal safeguards, we rely on appropriate mechanisms such as the European Commission's Standard Contractual Clauses and equivalent safeguards, together with supplementary technical measures like encryption. (Specific mechanisms and data-residency options to be confirmed by counsel.)
8. Retention & deletion
We retain account and Donor Data for as long as an organization's account is active and as needed to provide the Service. Customers can export their complete data at any time and can request deletion of their organization or of individual records. Following account termination, Customer Data may be exported during a 30-day grace period, after which it is deleted in the ordinary course, subject to legal-retention requirements and routine backup cycles. We retain limited records (such as billing and audit logs) as long as required for legal, accounting, or security purposes.
9. How we protect data
Every organization's data is isolated at the database layer using Row-Level Security enforced by the database — not merely by the application — and tested adversarially on every build. Access is scoped by least-privilege roles; committee members never see wealth data, and board viewers see aggregates only. Sensitive actions, including data exports and ask-timing overrides, are recorded in an append-only audit log. Data is encrypted in transit (TLS) and at rest. See our Security overview for details. No system is perfectly secure, but we work continuously to protect your data.
10. Your privacy rights
Depending on where you live, you may have some or all of the following rights regarding your personal data:
- Access — obtain a copy of the personal data we hold about you;
- Rectification — correct inaccurate or incomplete data;
- Erasure — request deletion, subject to legal exceptions;
- Portability — receive certain data in a machine-readable format;
- Restriction / objection — limit or object to certain processing, including for direct marketing; and
- Withdraw consent — where processing is based on consent, at any time, without affecting prior processing.
To exercise a right for data we control, email privacy@thankfirst.com. We will verify your request and respond within the time required by applicable law. You will not be discriminated against for exercising your rights, and you may lodge a complaint with your local data-protection authority.
11. Donor data & your role
When we process Donor Data, we do so as a processor on behalf of the customer organization that is the controller. If you are a donor or contact and wish to access, correct, or delete your data, please contact the organization that manages your relationship; they control that data. We will assist our customers in responding to such requests as required by our agreement with them and applicable law.
12. Children's privacy
The Service is intended for use by nonprofit staff and volunteers and is not directed to children. We do not knowingly collect personal data directly from children under 13 (or the applicable age in your jurisdiction) through our own controller activities. If you believe a child has provided us data in that context, contact us and we will delete it.
13. Breach notification
We maintain procedures to detect, investigate, and respond to security incidents. If a breach affecting personal data occurs, we will notify affected customers and, where we act as controller, affected individuals and regulators, without undue delay and consistent with applicable law — including the information reasonably needed to assess and mitigate the incident.
14. Changes to this policy
We may update this policy to reflect changes in our practices or legal requirements. We will post the updated version with a new “Last updated” date and, for material changes, provide additional notice (for example, by email or an in-product notice). Continued use of the Service after an update takes effect constitutes acknowledgment of the updated policy.
15. How to contact us
Questions about this policy or your data: privacy@thankfirst.com. For security reports, use security@thankfirst.com. A postal address and, where required, an EU/UK representative and Data Protection Officer will be listed here before launch.