Pledgix
Back to Home
Legal

Privacy Policy

Document ID: PLG-PP-2026Version 3.1Effective: July 15, 2026

The English-language version of this document is the legally binding version.

This Policy explains what personal information Pledgix collects, exactly where it goes, and the choices you have. It covers donors, campaign organizers, team members and volunteers, and website visitors, across our web, phone, SMS, and email services.

1. Introduction & Scope

This Privacy Policy describes how Pledgix LLC ("Pledgix," "we," "us," or "our"), located at 10 Willow Dr., Suffern, NY 10901, United States, collects, uses, shares, and protects personal information in connection with the Pledgix fundraising platform, including pledgix.com, admin.pledgix.com, dash.pledgix.com, campaign pages served on white-label custom domains, and related telephone, SMS, and email services (collectively, the "Platform").

Pledgix acts in two distinct capacities. For information about Platform account holders, visitors, and our own business operations, Pledgix is the data controller (or "business" under U.S. state privacy laws). For donor and supporter information that campaign organizers collect and manage through the Platform, Pledgix generally acts as a service provider / data processor on the organizer's behalf, and the organizer is responsible for its own legal obligations to its donors.

By using the Platform you agree to this Privacy Policy. If you do not agree, do not use the Platform. Capitalized terms not defined here have the meaning given in our Terms & Conditions.

2. Information We Collect

The information we collect depends on how you interact with the Platform:

Donors and supporters

  • Identity and contact details you provide when donating: name, email address, phone number, and (where address collection is enabled) billing or mailing address details.
  • Donation details: amount, currency, campaign and team supported, dedication messages, anonymity preference, and recurring-gift schedule.
  • Technical data captured with a donation: your IP address, the approximate city/country derived from it, and device/browser information, used for fraud prevention and receipts.

Campaign organizers and administrators

  • Account and profile information: name, email, phone, organization details, and role assignments.
  • Billing and payout information: subscription payment methods, and — for payout methods — bank routing/account details, which are stored encrypted (AES-256-GCM) and displayed only in masked form.
  • Verification documents you upload for compliance review (e.g., government-issued ID, supporting letters, utility bills), stored in private, access-controlled storage.

Team members and volunteers

  • Contact details provided at team signup, your SMS consent choice, and activity related to campaigns you assist (e.g., call-session activity for volunteer callers).

Website visitors

  • Campaign page visit analytics: the campaign and team viewed, approximate city/country location, referrer URL, browser user-agent, and a session identifier. We deliberately do not store your raw IP address in visit analytics records.
  • Login security records: for account sign-ins we log IP address and derived location to detect account takeover and abuse.

Information from other sources

  • Organizer-imported records: organizers may import donor or contact lists they lawfully maintain (e.g., historical donations, phone lists). The organizer is responsible for having the right to use that data.
  • Connected integrations the organizer elects to use (e.g., in-person donation devices and enterprise donor-management systems such as Donary), which may transmit pledge and payment events into the organizer's campaign records.

3. SMS & Mobile Information Policy

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All the above categories exclude text-messaging originator opt-in data and consent; this information will not be shared with, or sold to, any third parties.

If you opt in to receive SMS messages (for example, as a campaign team member), we use your phone number solely to deliver the campaign and Platform messages you signed up for. Message frequency varies; message and data rates may apply. You can opt out at any time by replying STOP, reply HELP for help, or contact the campaign organizer or us at contact@pledgix.com. Our SMS programs are operated in accordance with U.S. carrier A2P 10DLC requirements.

4. How We Use Information

We use personal information to:

  • Operate the Platform: process donations, issue receipts, run recurring-gift schedules, display campaign progress, and provide organizer dashboards.
  • Communicate: send transactional email/SMS (receipts, account notices, security alerts), and — where consented or otherwise permitted — campaign communications.
  • Prevent fraud and abuse: bot detection (Cloudflare Turnstile), rate limiting, IP-based risk signals, payment-fraud controls, and login auditing.
  • Comply with law: tax receipting, financial record-keeping, sanctions screening, responding to lawful requests, and protecting the charitable status of Pledgix Charitable Fund Inc. for Pledgix One campaigns.
  • Improve the Platform: aggregate, de-identified analytics about feature usage and campaign performance.

Where the GDPR or similar laws apply, our legal bases are: performance of a contract (providing the Platform), legitimate interests (security, fraud prevention, service improvement), consent (where required, e.g., certain SMS marketing), and legal obligation (tax and financial records).

5. Artificial Intelligence Processing

The Platform includes AI-assisted features powered by Google Gemini (Google LLC), acting as our sub-processor:

  • Campaign content generation. When an organizer uses AI tools to draft campaign copy or banner images, the campaign text and image prompts the organizer supplies are sent to Google for processing. No donor personal data is included.
  • Caller briefings. For campaigns using our call-center tools, the Platform can generate short AI summaries that help authorized campaign callers prepare for a conversation. Before any data is sent to Google, we apply strict minimization: the AI model receives only a donor's first name and last initial, city, giving-history amounts and dates, pledge status, and brief note snippets from which email addresses, phone numbers, and any card-like digit sequences have been automatically removed. The model never receives full names, email addresses, phone numbers, street addresses, or payment details.

AI outputs are cached on our own infrastructure, are visible only to authorized campaign staff, and are never used to make automated decisions with legal or similarly significant effects about you. Our agreements with Google prohibit use of this data to train Google's models. Organizers who enable AI caller briefings are responsible for providing any notice to their donor community that applicable law requires. You may object to AI processing of your donor record by contacting us or the campaign organizer.

6. Payment Card Information

Pledgix never sees, stores, or transmits your full payment card number. Card details are collected and tokenized directly by our PCI-DSS–compliant payment processors:

  • Online donations: card fields are rendered by Stripe (Stripe Elements) or Sola/Cardknox (hosted iFields) and tokenize inside the processor's systems; our servers receive only a payment token and transaction result.
  • Phone donations: card digits entered by phone are captured and tokenized inside Twilio's PCI-scoped payment environment; our systems receive only a token.

We retain transaction metadata (amount, currency, status, processor transaction ID, masked card details such as brand and last four digits) as required for receipts, refunds, disputes, and financial records.

7. Bank Account Connections (Plaid)

The Platform supports (and is expanding support for) linking bank accounts for payouts and ACH payments through Plaid Inc. When you connect a bank account through Plaid:

  • You provide your bank credentials directly to Plaid — they are never transmitted to or stored by Pledgix.
  • Plaid provides us with access tokens and account information (such as account and routing numbers, account ownership details, and balance information) needed to verify your account and process transfers.
  • Your use of Plaid is governed by the Plaid End User Privacy Policy (plaid.com/legal), and you grant Pledgix and Plaid the rights described there to access and transmit your financial data for these purposes.

Where you instead provide bank details manually for payouts, we store them encrypted (AES-256-GCM) and display them only in masked form. You may revoke a bank connection at any time by contacting us; revocation does not affect transfers already initiated.

8. Geolocation

We derive approximate location (country and city) from IP addresses to power campaign analytics, currency defaults, and fraud prevention. This lookup runs entirely on our own servers against a locally hosted MaxMind GeoLite2 database — your IP address is never sent to a third-party geolocation service. Derived city/country values are stored with donations and visit analytics; raw IP addresses are stored only on donation records and login-security logs, and in a short-lived (4-day) internal cache.

9. Cookies, Local Storage & Tracking

The Platform uses only essential cookies and browser storage: authentication session tokens, security state (e.g., idle-timeout tracking), and preferences such as language. We do not use third-party advertising cookies, social-media pixels, or cross-site behavioral tracking, and we do not run third-party analytics trackers such as Google Analytics on the Platform.

Cloudflare Turnstile runs on donation and sign-in forms to distinguish humans from bots; it processes your IP address and browser signals for that sole purpose. Because we use only essential technologies, the Platform functions the same regardless of "Do Not Track" browser signals; we honor opt-out preference signals where applicable law requires.

10. Service Providers & Data Sharing

We share personal information only as described in this Policy — with service providers bound by contract to process it solely for us, with campaign organizers as described in Section 11, and as required by law. We do not sell personal information, and we do not share it for cross-context behavioral advertising.

ProviderPurposeData involved
StripeCard payments & payouts (Stripe Connect)Payment details (direct to Stripe), donor name/email, amounts
Sola / CardknoxCard & ACH payment processingPayment details (direct to processor), donor name/email, amounts
PlaidBank account linking & verificationBank credentials (direct to Plaid), account/routing, balances
TwilioVoice calls, IVR phone donations, SMS fallbackPhone numbers, call metadata, message content
TelnyxSMS deliveryPhone numbers, message content
SendGrid / ResendTransactional & campaign emailEmail addresses, names, message content, receipt PDFs
Google (Gemini)AI features (Section 5)Minimized campaign/donor summaries as described above
Google (Places, Calendar)Address autocomplete; organizer-elected calendar syncTyped address fragments; campaign event details
CloudflareBot protection (Turnstile), CDN/DNSIP address, browser signals
Supabase / DigitalOcean / VercelHosting, database, storage, deliveryPlatform data at rest and in transit
Gravatar (Automattic)Optional profile avatars in organizer toolsA one-way hash of the donor email (never the address itself)
DonaryOrganizer-elected donor-management integrationPledge/payment events for that organizer’s campaigns
MaxMindGeolocation database (runs locally — no data sent)None transmitted

We may also disclose information to comply with law or legal process, to enforce our agreements, to protect the rights, safety, or property of Pledgix, our users, or the public, in connection with fraud investigations, and as part of a merger, acquisition, or sale of assets (with notice where required).

11. Sharing with Campaign Organizers

When you donate to or join a campaign, the campaign's organizer and its authorized staff can see the information connected to that campaign — your name (unless you donate anonymously, in which case your identity is hidden from public display but remains visible to the organizer for receipting and legal compliance), contact details, donation history for that campaign, and messages you submit. Organizers are independently responsible for how they use donor information outside the Platform and for complying with the laws that apply to them. For campaigns run under the Pledgix One program, donation records are also maintained by Pledgix Charitable Fund Inc. as the receiving charity.

12. Google Workspace API Data & Limited Use

Certain Platform features access Google user data through Google APIs — for example, the organizer-elected Google Calendar sync and address autocomplete described in Section 10. We access only the data and scopes you authorize on Google's consent screen, and we use that data solely to provide the feature you enabled.

The use of raw or derived user data received from Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements.

In particular, Pledgix's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not transfer Google user data to third parties except as necessary to provide or improve user-facing features, to comply with applicable law, or as part of a merger or acquisition with prior notice; we do not use it for advertising; and humans do not read it except with your affirmative consent, for security purposes, to comply with law, or when aggregated and anonymized for internal operations. We do not use any raw or derived user data received from Google Workspace APIs to develop, improve, or train generalized (non-personalized) artificial intelligence and/or machine-learning models.

13. Data Retention

  • Donation and financial records — retained for as long as necessary to satisfy tax, accounting, dispute, and audit obligations (generally at least seven years).
  • Receipt PDF files — automatically purged from storage after approximately 365 days (the underlying donation record and the ability to regenerate a receipt are retained).
  • Visit analytics — retained in city-level, non-IP form for campaign reporting.
  • Geolocation cache — raw-IP cache entries expire automatically after 4 days.
  • Account data — retained while your account is active and for a reasonable period afterward for security and legal purposes.
  • Compliance documents (Pledgix One) — retained as required to protect the charitable status and audit trail of Pledgix Charitable Fund Inc.

14. Your Privacy Rights

Depending on where you live (including under the GDPR, UK GDPR, and U.S. state privacy laws such as the CCPA/CPRA), you may have the right to: access the personal information we hold about you; receive a portable copy; correct inaccurate data; request deletion; restrict or object to certain processing (including the AI processing described in Section 5); and not be discriminated against for exercising these rights.

To exercise any of these rights, email contact@pledgix.com with the subject line "Privacy Request." We will verify your identity and respond within 30 days (or the shorter period a specific law requires). Note that requests concerning data an organizer controls (e.g., your donor record with a specific campaign) may be referred to that organizer, and that we must retain certain financial and tax records even after a deletion request. California residents: we do not "sell" or "share" personal information as defined by the CCPA/CPRA, and we have not done so in the preceding 12 months. EU/UK residents may also lodge a complaint with their supervisory authority.

15. International Data Transfers

The Platform is operated from the United States and information is processed on U.S.-based infrastructure. If you access the Platform from outside the U.S. (including the EU/EEA, UK, or Israel), your information will be transferred to and processed in the United States. Where required, we rely on appropriate safeguards for such transfers, including standard contractual clauses with our sub-processors.

16. Security

We employ technical and organizational safeguards appropriate to the sensitivity of the data we handle, including: TLS encryption in transit; AES-256-GCM encryption at rest for payment credentials, bank details, and integration secrets; strict role-based access controls and multi-factor authentication for administrative access; private, access-controlled storage for receipts and compliance documents; webhook signature verification; and audit logging of sensitive operations. No system is perfectly secure — if we learn of a breach affecting your personal information, we will notify you and regulators as applicable law requires.

17. Children’s Privacy

The Platform is not directed to children, and account holders must be at least 18 years old. We do not knowingly collect personal information from children under 13 (or the higher age applicable law specifies). If you believe a child has provided us personal information, contact us and we will delete it.

18. Changes to This Policy

We may update this Privacy Policy from time to time. The "Effective" date above reflects the latest revision. For material changes we will provide prominent notice (such as email to account holders or an in-Platform notice) at least 30 days before the change takes effect where practicable. Continued use of the Platform after the effective date constitutes acceptance of the revised Policy.

19. Contact Us

Pledgix LLC
10 Willow Dr.
Suffern, NY 10901, United States
Email: contact@pledgix.com

For privacy rights requests, use the subject line "Privacy Request." For questions about a specific campaign's use of your data, you may also contact that campaign's organizer directly.