PatronSend

Last updated: January 2, 2026 | Version: 2026-01-beta

Privacy Policy

This Privacy Policy describes how PatronSend ("we", "us", or "our") collects, uses, and protects information when you use our document and communications management platform.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Name and email address
  • Organization name and details
  • Charitable registration number
  • Organization address

Donor Data

When you connect your donation management system (such as Spektrix), we sync:

  • Donor names and contact information
  • Donor addresses
  • Donation history (amounts, dates, funds)
  • Donation payment methods (type only, not card details)

Payment Information

Subscription payments are processed by Stripe. We do not store credit card numbers or banking details on our servers. Stripe's privacy policy governs their handling of payment information.

Usage Information

We automatically collect:

  • Log data (IP address, browser type, pages visited)
  • Device information
  • Feature usage patterns

2. How We Use Information

We use the information we collect to:

  • Generate documents: Process patron and donor data to create tax receipts, acknowledgment letters, and other official documents
  • Deliver communications: Send documents and communications to patrons via email or other channels
  • Operate the service: Manage your account and process subscription payments
  • Improve the service: Analyze usage patterns to enhance features and performance
  • Provide support: Respond to your questions and troubleshoot issues
  • Communicate: Send service announcements, security alerts, and product updates
  • Comply with legal obligations: Meet regulatory requirements and respond to legal requests

3. Data Sharing

Third-Party Service Providers

We share data with trusted service providers who help us operate PatronSend:

  • Amazon Web Services (AWS): Cloud hosting, file storage, and compute
  • Clerk: Authentication and user management
  • Datadog: Application monitoring and error tracking
  • Inngest: Background job processing and workflow orchestration
  • Neon: Serverless database hosting
  • Resend: Transactional email delivery
  • Spektrix: Integration for syncing donation data (when you connect your account)
  • Stripe: Payment processing
  • Upstash: Caching and rate limiting

We Do Not Sell Your Data

We do not sell, rent, or trade your personal information or your donors' information to third parties for marketing purposes.

Legal Requirements

We may disclose information if required by law, court order, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers

If PatronSend is acquired or merged with another company, your information may be transferred. We will notify you of any such change and any choices you may have regarding your information.

4. Data Storage & Security

Where We Store Data

Your data is stored on secure servers hosted by Amazon Web Services (AWS) in North America. We use industry-standard security measures including:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest
  • Regular security audits
  • Access controls and authentication
  • Regular backups

Your Responsibility

You are responsible for maintaining the security of your account credentials and for any activity that occurs under your account. Please use a strong password and do not share your login information.

5. Data Retention

Official Document Records

We retain tax receipt records and other official documents for the period required by applicable law in your jurisdiction:

  • Canada: Minimum seven (7) years per Canada Revenue Agency (CRA) requirements
  • Australia: Minimum five (5) years per Australian Taxation Office (ATO) requirements
  • United States: Minimum seven (7) years per IRS requirements
  • United Kingdom: Minimum six (6) years per HMRC requirements

This includes issued document numbers, amounts, recipient information at time of issuance, and authorization records.

Account Data

We retain your account information for as long as your account is active. If you close your account, we will delete or anonymize your personal information within 90 days, except where retention is required by law or for legitimate business purposes.

Audit Logs

System audit logs are retained for a minimum of two (2) years to maintain security and support compliance requirements.

6. Your Rights

You have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request that we correct inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Export: Request a portable copy of your data
  • Withdraw consent: Withdraw consent for optional data processing

To exercise these rights, contact us at support@patronsend.com. We will respond to your request within 30 days.

Donor Rights

Donors whose information is processed through PatronSend should contact the organization that issued their tax receipt to exercise their privacy rights. Organizations using PatronSend are responsible for responding to donor requests regarding their data.

7. Cookies & Tracking

Essential Cookies

We use essential cookies required for the service to function, including:

  • Authentication cookies to keep you signed in
  • Session cookies to maintain your preferences
  • Security cookies to protect against threats

Analytics

We may use analytics services to understand how users interact with PatronSend. This helps us improve the service. You can opt out of analytics tracking through your browser settings or by contacting us.

Do Not Track

We respect browser Do Not Track (DNT) signals and do not track users who have enabled this setting.

8. Children's Privacy

PatronSend is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Data & Jurisdiction

Data Processing Locations

PatronSend operates globally and may process your data in different countries depending on your organization's location and the services you use. Our primary data processing occurs in North America (Canada and United States).

Cross-Border Transfers

When we transfer personal data across borders, we ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

Jurisdiction-Specific Rights

Depending on your location, you may have additional rights under local privacy laws:

  • Australia: Rights under the Privacy Act 1988 and Australian Privacy Principles (APPs)
  • Canada: Rights under PIPEDA (Personal Information Protection and Electronic Documents Act) and applicable provincial privacy laws
  • United Kingdom: Rights under UK GDPR and the Data Protection Act 2018
  • European Union: Rights under the General Data Protection Regulation (GDPR)

To exercise jurisdiction-specific rights, please contact us at support@patronsend.com with details of your request and your location.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will also send you an email notification.

Your continued use of PatronSend after changes are posted constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: