GiftSentry is a self-hosted platform. This means that donor data processed through your institution's deployment of GiftSentry resides on infrastructure you control — not on our servers. This privacy policy covers the limited data we collect through this marketing website (giftsentry.com) and any direct communication with us.

1. What We Collect (Website)

When you visit giftsentry.com, we may collect:

• Standard server logs (IP address, browser type, pages visited, referring URL)
• Information you voluntarily submit through our contact or demo request forms (name, email, institution, message)
• Aggregated, anonymized analytics about how visitors use this site

We do not use advertising trackers, third-party behavioral analytics, or remarketing pixels on this marketing website.

2. What We Don't Collect

Because GiftSentry is self-hosted, your institution's donor data is never transmitted to us. We do not:

• Have access to your PostgreSQL database or constituent records
• Receive copies of donation transactions or payment data
• Store API keys or integration credentials (those are encrypted on your infrastructure)
• Have visibility into your advancement operations unless you explicitly share information during a support engagement

3. How We Use Website Data

Information collected through this website is used exclusively to:

• Respond to your demo requests and messages
• Improve the content and usability of this website
• Understand which features and capabilities are most relevant to prospective customers

We do not sell, rent, or share your contact information with third parties for marketing purposes.

4. Data Retention

Contact form submissions are retained for as long as necessary to complete the relevant engagement or conversation. You may request deletion of your information at any time by emailing hello@giftsentry.com.

5. Third-Party Services (This Website)

This marketing website uses Google Fonts for typography (loaded from Google's CDN). No other third-party analytics, advertising, or tracking services are active on this site. Our web host processes standard access logs in accordance with their privacy policy.

6. Your Institution's Deployment

When your institution deploys GiftSentry on its own infrastructure, all privacy obligations for donor data are governed by your institution's own privacy policies, FERPA obligations, and applicable data protection regulations. GiftSentry provides technical controls (RBAC, encryption, audit trails, consent management) to support your compliance obligations — but your institution is the data controller for all constituent information processed through its deployment.

The advertising integrations (Google Ads, Meta Ads) included in GiftSentry require explicit staff attestation before any donor data is synchronized to ad platforms. These integrations are governed by the respective platform policies of Google and Meta, which your institution accepts when configuring those connections.

7. Security

Contact form submissions sent to us are transmitted over HTTPS. We use standard email security practices. We do not request or store sensitive financial information through this website.

8. Children's Privacy

This website and GiftSentry's advancement platform are not directed at individuals under the age of 18. We do not knowingly collect information from minors through this website.

9. Changes to This Policy

We may update this policy periodically. Material changes will be noted with an updated "last updated" date at the top of this page. Continued use of this website after changes constitutes acceptance of the updated policy.

10. Contact

Questions about this privacy policy or your data may be directed to:
GiftSentry · hello@giftsentry.com