DonationPay Log In Get Started Now

Privacy Policy

At DonationPay, we are committed to protecting the privacy and security of our donors and the charities we serve. This policy explains how we handle your personal data.

1. Introduction

DonationPay is a service provided by Code Smart Web Limited ("we", "us", "our"). We act as a data processor on behalf of the Charities using our platform to collect donations. This policy outlines our practices regarding the collection, use, and disclosure of personal information when you use our digital giving platform.

We are registered with the Information Commissioner's Office (ICO) in the United Kingdom and comply with the UK GDPR and the Data Protection Act 2018.

2. Data We Collect

When you make a donation or register a charity, we may collect the following information:

  • For Donors: Name, email address (for receipts), and donation amount.
  • For Gift Aid: Full home address and postcode (required by HMRC regulations).
  • For Charities: Contact details, bank account information (processed via Stripe Connect), and diocese information.

Note on Payment Data: DonationPay does not store or process your credit/debit card details. All payments are handled securely by Stripe, a PCI-compliant payment processor.

3. How We Use Your Data

We use the collected data for the following purposes:

  • To process your donations and send digital receipts.
  • To generate Gift Aid reports for the Charity Treasurer to submit to HMRC.
  • To provide Charities with a transparent audit trail of their digital collections.
  • To maintain the security and integrity of our platform.

4. Gift Aid & HMRC Compliance

HMRC requires that Gift Aid declarations be kept as evidence of the donor's tax status. For this reason, we store Gift Aid declarations and donor addresses for a minimum of 6 years, as mandated by UK tax law. This data is only accessible to the authorized Charity Treasurer and our system administrators for reporting purposes.

5. Data Sharing

We do not sell or rent your personal data to third parties. We only share data with:

  • Your Charity: So they can account for the donation and claim Gift Aid.
  • Stripe: To process the financial transaction.
  • HMRC: Via the reports generated for the Charity Treasurer.

6. Security

We use industry-standard SSL/TLS encryption for all data transfers. Our infrastructure is hosted on secure servers with regular security audits. Access to charity data is restricted to authorized personnel only via secure login credentials.

7. Your Rights

Under UK GDPR, you have the right to access, correct, or request the deletion of your personal data. However, please note that data related to Gift Aid declarations must be retained for the period required by HMRC. For any data requests, please contact us at the email provided below.

8. Contact Us

If you have any questions about this Privacy Policy, please contact our Data Protection Officer:

Simple Giving. No cash, no envelopes, just heart.

Return to Homepage
Top
Contact us on WhatsApp