Home·Privacy policy
Legal · privacy

Non-profit data practices.

ParentProof.org collects the minimum personal data needed to run a transparent non-profit: contact addresses for governance communication, donor records for tax purposes, and standard server logs. We do not run advertising; we do not sell data. Last updated 2026-04-27.

Who we are

ParentProof.org is a non-profit in formation. Until the independent entity is fully constituted, this site is administered by the ParentProof operating team under documented board oversight. Contact for privacy matters: [email protected].

What we collect

Contact form submissions. Name, email address, and message. Used to respond to your inquiry. Not added to any mailing list without explicit opt-in.

Donation records. Where applicable (donations via Stripe), we retain the amount, date, and the Stripe customer-token reference (not raw card data) for tax-receipt and audit purposes. Required by Canadian non-profit law.

Volunteer and board candidate information. Name, email, background summary as submitted via the volunteer or nominations forms. Retained for the duration of the relevant appointment or application plus 3 years.

Server logs. Standard access logs (IP, user agent, requested URL). Retained 30 days. Used to diagnose technical issues; not shared for advertising.

Analytics. Aggregate page-view data via GA4. We do not enable advertising features. No other third-party trackers.

What we do not collect

We do not collect data from children. We do not sell, rent, or trade personal data. We do not run advertising trackers. We do not collect financial data beyond what is needed for donation receipts.

Sub-processors

Google Cloud Platform (hosting), Resend (transactional email), Stripe (donation processing, if active), Google Analytics (aggregate analytics). Each operates under applicable data-processing terms.

Retention

Contact form data: 3 years. Donation and financial records: 7 years per Canadian tax law. Board and volunteer records: term of service plus 3 years. Server logs: 30 days.

Your rights

You may request access to, correction of, or deletion of your personal data by emailing [email protected]. We respond within 30 days. Canadian residents have rights under PIPEDA; EU residents under GDPR; California residents under CCPA/CPRA. We honor all of them.

Transparency commitment

As a non-profit, our data practices are subject to board oversight. The current privacy policy is always publicly available at this URL. Material changes require board approval and are announced at least 30 days before taking effect.

Questions: [email protected].